CN117278335A - Password suite selection method and device, electronic equipment and storage medium - Google Patents


Info

Publication number
CN117278335A
Authority
CN
China
Prior art keywords
data
threat
suite
security
real
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202311562211.XA
Other languages
Chinese (zh)
Other versions
CN117278335B (en)
Inventor
周枭淳
蔡先勇
杜峰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Aolian Information Security Technology Co ltd
Original Assignee
Shenzhen Aolian Information Security Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Aolian Information Security Technology Co ltd
Priority to CN202311562211.XA
Publication of CN117278335A
Application granted
Publication of CN117278335B
Legal status: Active
Anticipated expiration


Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416 Event detection, e.g. attack signature detection
    • H04L63/1425 Traffic logging, e.g. anomaly detection
    • H04L63/1433 Vulnerability analysis
    • H04L63/1441 Countermeasures against malicious traffic
    • H04L63/20 Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • H04L63/205 Network architectures or network communication protocols for network security for managing network security; network security policies in general involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved
    • H04L63/30 Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information
    • H04L63/302 Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information gathering intelligence information for situation awareness or reconnaissance
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891 Revocation or update of secret information, e.g. encryption key update or rekeying
    • H04L9/40 Network security protocols

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Evolutionary Computation (AREA)
  • Technology Law (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention relates to the technical field of cipher suite selection, and in particular to a cipher suite selection method, a device, electronic equipment and a storage medium. The method comprises the following steps: network traffic and security data are collected. Intelligent analysis using artificial intelligence and machine learning technology identifies potential threat patterns and attacks, which improves the security and response capability of the cipher suite. An adaptive, dynamic adjustment mechanism then allows the cipher suite to be selected and configured flexibly according to the real-time network environment and security requirements, so that the system adapts to changing threats and requirements. At the same time, dependence on hardware-implemented security is weakened, which reduces potential hardware risk, and a distributed decision mechanism increases the reliability of cipher suite selection and the overall security of the system. In sum, these improvements raise the intelligence, flexibility and reliability of the cipher suite and have important significance for network communication and data protection.

Description

Password suite selection method and device, electronic equipment and storage medium
Technical Field
The present invention relates to the technical field of cipher suite selection, and in particular to a cipher suite selection method, a cipher suite selection device, an electronic device, and a storage medium.
Background
A cipher suite is a set of cryptographic algorithms, key exchange protocols, and authentication mechanisms used to secure network communications. When selecting one, the first emphasis is on following current security best practices, including the use of secure, sophisticated encryption algorithms, key exchange protocols, and authentication mechanisms. Second, cipher suites that support forward security should be prioritized to protect communications from future attacks, so that previously encrypted communications cannot be broken even if the key is later compromised. Performance and compatibility are also key considerations: some cipher suites are more efficient and offer better compatibility, which ensures interoperability with different systems and applications. Finally, specific requirements and limitations, such as resource-constrained devices or systems with high security requirements, must be considered.
In existing methods, cipher suite selection is typically based on static configuration files or predefined policies and lacks adaptivity and real-time responsiveness. As a result, the cipher suite cannot accommodate dynamically changing security requirements and network environments in time. Traditional methods often do not make full use of the large amount of available security data and network traffic for intelligent analysis when selecting the cipher suite. Without the ability to recognize and model potential threat patterns and attacks, the selected cipher suite may not be sufficient to defend effectively against new types of attacks. Some cipher suites rely on hardware to implement security, but hardware may be subject to physical attacks and backdoor hazards. This limits the flexibility and trustworthiness of the cipher suite and increases the potential vulnerability of the system. Traditional cipher suites are typically passive, relying on static encryption algorithms to protect data. Lacking active defense strategies such as intrusion detection, threat intelligence and dynamic policy adjustment, they cannot actively capture and deal with new types of attacks and threats. In conventional approaches, cipher suite selection is typically guided by a centralized entity or standards organization. This centralized selection mechanism may lead to single points of failure and threats, while limiting the participation and consensus of more participants.
Disclosure of Invention
The invention aims to remedy the defects of the prior art and provides a cipher suite selection method, a cipher suite selection device, electronic equipment and a storage medium.
In order to achieve the above purpose, the present invention adopts the following technical scheme: a cipher suite selection method comprising the following steps:
S1: collecting network traffic and security data;
S2: extracting key features of the network traffic and security data by using artificial intelligence and machine learning technology, generating a feature data set, and establishing a threat pattern recognition and attack detection model with learning and adaptation capabilities;
S3: analyzing real-time network environment data by applying the threat pattern recognition and attack detection model, recognizing possible threats and attacks, and analyzing the current network environment and security policy to obtain an analysis result of the current security requirement;
S4: dynamically selecting a cipher suite suitable for the current security requirement based on the analysis result;
S5: performing multi-factor authentication before data transmission;
S6: carrying out data transmission based on the cipher suite and applying an active defense strategy;
S7: dynamically adjusting the cipher suite according to changes in the real-time network environment and updates to the threat patterns, and adopting a distributed decision mechanism so that a plurality of entities or nodes participate in the decision when a new cipher suite is selected.
As a further scheme of the invention, collecting network traffic and security data specifically comprises collecting the network traffic and security data from network equipment, server logs and an intrusion detection system as sources, wherein the network traffic and security data comprise network transaction records, historical security events and dynamic change data of the network environment.
As a further scheme of the invention, the steps of extracting key features of the network traffic and security data by using artificial intelligence and machine learning technology and establishing a threat pattern recognition and attack detection model with learning and adaptation capabilities are specifically as follows:
S201: performing data preprocessing, including data cleansing and data normalization, on the network traffic and security data;
S202: extracting frequency-domain features from the preprocessed network traffic and security data by using a spectrum analysis method to generate a feature data set;
S203: establishing a threat pattern recognition and attack detection model by adopting a support vector machine supervised learning algorithm;
S204: dividing the feature data set into a training set and a test set, training and evaluating the threat pattern recognition and attack detection model, and optimizing the model according to the evaluation result;
S205: setting a timed task to periodically update the threat pattern recognition and attack detection model.
As a further scheme of the present invention, the steps of applying the threat pattern recognition and attack detection model to analyze real-time network environment data, recognizing possible threats and attacks, and analyzing the current network environment and security policy to obtain an analysis result of the current security requirement are specifically as follows:
S301: collecting the real-time network environment data by configuring a network monitoring tool, a security device and a log collector;
S302: preprocessing the real-time network environment data and extracting real-time key features;
S303: inputting the real-time key features into the threat pattern recognition and attack detection model to obtain the detection results of threat pattern recognition and attack detection;
S304: carrying out threat assessment and analysis on the real-time network environment based on the detection results, identifying possible threats and attacks, and assessing their severity and threat.
As a further aspect of the present invention, the steps of dynamically selecting a cipher suite suitable for the current security requirement are specifically as follows:
S401: based on the analysis result, analyzing the current network environment and security policy to obtain current security requirement information, wherein the current security requirement information comprises encryption strength requirements, data protection requirements and a cipher suite selection range;
S402: based on the encryption algorithm, authentication method and key management, carrying out a feasibility evaluation of the cipher suites within the cipher suite selection range to obtain a security analysis report;
S403: based on the current security requirement information, carrying out an adaptability evaluation of the cipher suites within the cipher suite selection range to obtain an adaptability evaluation report;
S404: based on the security analysis report and the adaptability evaluation report, determining a cipher suite selection strategy by adopting a trade-off decision method;
S405: dynamically selecting a cipher suite based on the selection strategy and the current security requirement information, changing the configuration file, updating the protocol and adjusting the encryption parameters.
As a further aspect of the present invention, the steps of performing multi-factor authentication are specifically as follows:
S501: taking the user name and password as the basic identity verification factor, and obtaining a second factor comprising a mobile phone verification code, a hardware token and a biometric feature;
S502: executing the authentication process, including verifying the correctness of the user name and password and collecting and verifying the second factor, to obtain a multi-factor verification result, wherein verifying the second factor comprises token generation and verification, biometric recognition, SMS verification, fingerprint recognition and facial recognition;
S503: making a judgment based on the multi-factor verification result, and determining that identity verification is successful when all factor verification results pass.
As a further scheme of the present invention, the steps of carrying out data transmission based on the cipher suite and applying an active defense strategy are specifically as follows:
S601: based on the cipher suite, deploying an intrusion detection system to monitor network activity during data transmission;
S602: based on the intrusion detection system, monitoring the traffic and behavior of the transmitted data, including source IP address, destination IP address and transport protocol, by network sniffing and packet analysis;
S603: the intrusion detection system, using signature-based and behavior-based analysis methods, matches and analyzes the traffic and behavior of the transmitted data against existing attack signatures and malicious behaviors, identifies possible intrusion events and generates intrusion detection results;
S604: the intrusion detection system collects external threat intelligence, including known attack patterns, malware and vulnerability information;
S605: correlating and analyzing the external threat intelligence with the intrusion detection results, and comparing it with the intrusion events in the intrusion detection results to check and confirm real threat events;
S606: based on the threat events, dynamically adjusting security policies, including updating firewall rules, modifying access control policies and strengthening authentication requirements.
As a further scheme of the present invention, the steps of dynamically adjusting the cipher suite according to changes in the real-time network environment and updates to the threat patterns, and adopting a distributed decision mechanism so that a plurality of entities or nodes participate in the decision when a new cipher suite is selected, are specifically as follows:
S701: the entities or nodes monitor and share information in real time in the network and gather collected data including network traffic, threat intelligence and security events;
S702: based on the collected data, carrying out network traffic analysis, threat intelligence analysis and security event analysis to obtain a data analysis result, and carrying out feature extraction by adopting data mining technology to obtain feature data;
S703: based on the data analysis result and the feature data, carrying out threat assessment and security requirement analysis, and assessing the real-time threat level;
S704: introducing a distributed decision mechanism, so that the plurality of entities or nodes participate in the dynamic adjustment decision for the cipher suite by means of distributed computing and cooperative game techniques;
S705: based on the role, expertise and credibility of each entity or node, calculating the weight of that entity or node in the cipher suite selection decision;
S706: integrating and summarizing the decision weights of all entities or nodes, and obtaining the final cipher suite selection result by a weighted average method.
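The trade-off decision of S401 to S404 and the weighted distributed decision of S704 to S706 can be sketched together as follows. This is an added example, not code from the patent: the scoring formulas, the product rule for node weights, the cost figures and the node names are assumptions made for illustration, and the suite names are standard IANA TLS identifiers that the patent itself does not mention.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Suite:
    name: str
    strength_bits: int       # symmetric key strength
    forward_secrecy: bool
    relative_cost: float     # 0..1, higher = slower (constructed figures)


# Constructed candidate list; costs are illustrative, not measurements.
CANDIDATES = [
    Suite("TLS_AES_128_GCM_SHA256", 128, True, 0.20),
    Suite("TLS_AES_256_GCM_SHA384", 256, True, 0.40),
    Suite("TLS_CHACHA20_POLY1305_SHA256", 256, True, 0.30),
    Suite("TLS_RSA_WITH_AES_128_CBC_SHA", 128, False, 0.25),
]


def clamp(x):
    """Force a reported value into [0, 1]; NaN becomes 0."""
    x = float(x)
    if x != x:
        return 0.0
    return min(max(x, 0.0), 1.0)


def in_selection_range(suite, req):
    """S401: hard limits derived from the current security requirement."""
    if suite.strength_bits < req["min_strength_bits"]:
        return False
    return suite.forward_secrecy or not req["require_forward_secrecy"]


def tradeoff_scores(threat_level, candidates=CANDIDATES):
    """S402-S404 for one node: blend a security score with a fit score.

    Assumed rule: the higher the node's threat estimate, the more the
    security score counts and the less performance fit counts.
    """
    alpha = clamp(threat_level)
    scores = {}
    for s in candidates:
        security = 0.5 * min(s.strength_bits, 256) / 256
        security += 0.5 if s.forward_secrecy else 0.0
        fit = 1.0 - clamp(s.relative_cost)
        scores[s.name] = alpha * security + (1.0 - alpha) * fit
    return scores


def node_weight(role, expertise, credibility):
    """S705: assumed weight = product of the three factors, each in [0, 1]."""
    return clamp(role) * clamp(expertise) * clamp(credibility)


def select_suite(ballots, requirement, candidates=CANDIDATES):
    """S706: weighted average of node scores over the allowed suites only."""
    allowed = [s for s in candidates if in_selection_range(s, requirement)]
    if not allowed:
        raise ValueError("no candidate satisfies the security requirement")
    total = sum(b["weight"] for b in ballots)
    if total <= 0:
        raise ValueError("no node carries any decision weight")
    final = {}
    for s in allowed:
        # Scores are clamped and missing scores count as 0, so a node
        # cannot inflate a suite or vote for one outside the range.
        acc = sum(b["weight"] * clamp(b["scores"].get(s.name, 0.0))
                  for b in ballots)
        final[s.name] = acc / total
    best = max(final, key=lambda n: (final[n], n))
    return best, final


def demo(gateway_threat, ids_threat):
    """Constructed scenario: two trusted nodes and one low-credibility node
    that submits an out-of-range score for a suite without forward secrecy."""
    requirement = {"min_strength_bits": 128, "require_forward_secrecy": True}
    ballots = [
        {"node": "gateway", "weight": node_weight(1.0, 0.9, 0.9),
         "scores": tradeoff_scores(gateway_threat)},
        {"node": "ids", "weight": node_weight(0.8, 1.0, 0.9),
         "scores": tradeoff_scores(ids_threat)},
        {"node": "unvetted-sensor", "weight": node_weight(0.5, 0.5, 0.4),
         "scores": {"TLS_RSA_WITH_AES_128_CBC_SHA": 5.0}},
    ]
    return select_suite(ballots, requirement)


if __name__ == "__main__":
    for threats in ((0.1, 0.2), (0.8, 0.9)):
        best, final = demo(*threats)
        print(threats, "->", best, {k: round(v, 3) for k, v in final.items()})
```

Filtering on the selection range before averaging means a node can only shift the choice among suites that already meet the requirement.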
The cipher suite selection device comprises a data acquisition module, a data processing and analysis module, a real-time monitoring and analysis module, a cipher suite selection module, a multi-factor authentication module, an active defense strategy application module and a distributed decision mechanism module;
the data acquisition module is used for collecting network traffic and security data;
the data processing and analysis module performs data preprocessing and feature extraction on the network traffic and security data, and establishes a threat pattern recognition and attack detection model;
the real-time monitoring and analysis module monitors real-time network environment data, extracts real-time key features, obtains threat recognition and detection results through the threat pattern recognition and attack detection model, and identifies and evaluates possible threats and attacks according to the analysis results;
the cipher suite selection module dynamically selects the cipher suite according to the analysis result of the real-time network environment and the security requirement information;
the multi-factor authentication module performs multi-factor authentication, which enhances the security of data transmission;
the active defense strategy application module, based on the selected cipher suite, deploys an intrusion detection system to monitor network activity during data transmission, performs intrusion detection and threat analysis, and adjusts the security policy according to threat events;
the distributed decision mechanism module introduces a distributed decision mechanism so that a plurality of entities or nodes participate in the dynamic adjustment decision for the cipher suite.
The electronic equipment is specifically a server, the server is used for carrying a cipher suite pushing device, the storage medium is specifically a solid-state drive, the solid-state drive is used for storing a cipher suite pushing method, and when the electronic equipment runs, the cipher suite pushing device executes the cipher suite pushing method.
Compared with the prior art, the invention has the following advantages and positive effects:
First, the invention uses artificial intelligence and machine learning technology for intelligent analysis and can identify potential threat patterns and attacks, which improves the security and response capability of the cipher suite. Second, an adaptive, dynamic adjustment mechanism is introduced, so that the cipher suite can be flexibly selected and configured according to the real-time network environment and security requirements, ensuring that the system can adapt to changing threats and requirements. In addition, multi-factor authentication and active defense strategies are combined, which strengthens authentication protection and defensive capability and makes the system more difficult to attack. At the same time, dependence on hardware-implemented security is weakened and potential hardware risks are reduced. A distributed decision mechanism is introduced, which increases the reliability of cipher suite selection and the overall security of the system. In summary, these improvements raise the intelligence, flexibility and credibility of the cipher suite and have important significance for network communication and data protection.
Drawings
FIG. 1 is a schematic workflow diagram of the present invention;
FIG. 2 is an S2 refinement flowchart of the present invention;
FIG. 3 is an S3 refinement flowchart of the present invention;
FIG. 4 is an S4 refinement flowchart of the present invention;
FIG. 5 is an S5 refinement flowchart of the present invention;
FIG. 6 is an S6 refinement flowchart of the present invention;
FIG. 7 is an S7 refinement flowchart of the present invention;
FIG. 8 is a system flow diagram of the present invention.
Detailed Description
The present invention will be described in further detail with reference to the drawings and examples, in order to make the objects, technical solutions and advantages of the present invention more apparent. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the invention.
In the description of the present invention, it should be understood that the terms "length," "width," "upper," "lower," "front," "rear," "left," "right," "vertical," "horizontal," "top," "bottom," "inner," "outer," and the like indicate orientations or positional relationships based on the orientation or positional relationships shown in the drawings, merely to facilitate describing the present invention and simplify the description, and do not indicate or imply that the devices or elements referred to must have a specific orientation, be configured and operated in a specific orientation, and therefore should not be construed as limiting the present invention. Furthermore, in the description of the present invention, the meaning of "a plurality" is two or more, unless explicitly defined otherwise.
Examples
Referring to FIG. 1, the present invention provides a technical solution: a cipher suite selection method comprising the following steps:
S1: collecting network traffic and security data;
S2: extracting key features of the network traffic and security data by using artificial intelligence and machine learning technology, generating a feature data set, and establishing a threat pattern recognition and attack detection model with learning and adaptation capabilities;
S3: analyzing real-time network environment data by using the threat pattern recognition and attack detection model, identifying possible threats and attacks, and analyzing the current network environment and security policy to obtain an analysis result of the current security requirement;
S4: dynamically selecting a cipher suite suitable for the current security requirement based on the analysis result;
S5: performing multi-factor authentication before data transmission;
S6: carrying out data transmission based on the cipher suite and applying an active defense strategy;
S7: dynamically adjusting the cipher suite according to changes in the real-time network environment and updates to the threat patterns, and adopting a distributed decision mechanism so that a plurality of entities or nodes participate in the decision when a new cipher suite is selected.
Collecting network traffic and security data specifically comprises collecting the network traffic and security data from network equipment, server logs and an intrusion detection system as sources, wherein the network traffic and security data comprise network transaction records, historical security events and dynamic change data of the network environment.
By collecting network traffic and security data and analyzing them with artificial intelligence and machine learning techniques, a feature data set is generated and a threat pattern recognition and attack detection model is established. The method can identify potential threats and attacks, and dynamically select a suitable cipher suite according to the analysis results for the current network environment and security requirements. Before data transmission, multi-factor authentication is adopted to enhance security, and an active defense strategy is applied. As the real-time network environment changes and threat patterns are updated, the method can also dynamically adjust the cipher suite, using a distributed decision mechanism so that a plurality of entities or nodes participate in the decision, which improves the accuracy and reliability of the decision.
Referring to FIG. 2, the steps of extracting key features of the network traffic and security data by using artificial intelligence and machine learning technology, and establishing a threat pattern recognition and attack detection model with learning and adaptation capabilities, are specifically as follows:
S201: performing data preprocessing, including data cleansing and data normalization, on the network traffic and security data;
S202: extracting frequency-domain features from the preprocessed network traffic and security data by using a spectrum analysis method to generate a feature data set;
S203: establishing a threat pattern recognition and attack detection model by adopting a support vector machine supervised learning algorithm;
S204: dividing the feature data set into a training set and a test set, training and evaluating the threat pattern recognition and attack detection model, and optimizing the model according to the evaluation result;
S205: setting a timed task to periodically update the threat pattern recognition and attack detection model.
Preprocessing the network traffic and security data by cleansing and normalization improves the quality and consistency of the data, eliminates noise and unnecessary information, and provides an accurate and reliable data basis for subsequent feature extraction and model building. Extracting features from the preprocessed data with a spectrum analysis method reveals key characteristics of the network traffic and security data from the frequency-domain perspective. These features can be used to describe network behavior patterns, abnormal behavior and potential threats, and provide meaningful input for building and training the subsequent model. A threat pattern recognition and attack detection model is established with a supervised learning algorithm such as a support vector machine, and supervised learning is performed on the data set obtained through preprocessing and feature extraction. The machine-learning-based model can learn the patterns of the network traffic and security data, identify threats and detect attacks from them, and improve the accuracy and efficiency with which malicious behavior is detected. The feature data set is divided into a training set and a test set, and the threat pattern recognition and attack detection model is trained and evaluated. The evaluation results show the performance and accuracy of the model, and the model is optimized accordingly to improve its prediction and generalization capabilities. A timed task is set to periodically update the threat pattern recognition and attack detection model. As network threats evolve and attack methods change, updating the model regularly keeps it adaptable and effective and improves the defensive capability of the system.
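The preprocessing and spectrum analysis of S201 and S202 can be illustrated on a per-second packet-count series. This is an added example, not code from the patent: the three features, the function names and both sample series are constructed for illustration, and the support vector machine training of S203 and S204 is not shown.

```python
import cmath
import math
import random


def zscore(series):
    """S201-style normalization: zero mean, unit variance."""
    n = len(series)
    mean = sum(series) / n
    var = sum((x - mean) ** 2 for x in series) / n
    if var == 0:                      # a constant series carries no signal
        return [0.0] * n
    std = math.sqrt(var)
    return [(x - mean) / std for x in series]


def power_spectrum(series):
    """One-sided DFT power for bins 1..n//2 (bin 0, the mean, is skipped)."""
    n = len(series)
    power = []
    for k in range(1, n // 2 + 1):
        acc = sum(x * cmath.exp(-2j * math.pi * k * t / n)
                  for t, x in enumerate(series))
        power.append((abs(acc) / n) ** 2)
    return power


def frequency_features(counts, sample_rate_hz=1.0):
    """S202: frequency-domain features of one traffic window.

    dominant_hz      frequency of the strongest spectral component
    peak_ratio       share of total power held by that component
    spectral_entropy 0 = one pure tone, 1 = power spread over all bins
    """
    n = len(counts)
    if n < 8:
        raise ValueError("need at least 8 samples per window")
    power = power_spectrum(zscore(counts))
    total = sum(power)
    if total < 1e-12:                 # flat window: no spectral content
        return {"dominant_hz": 0.0, "peak_ratio": 0.0,
                "spectral_entropy": 0.0}
    peak = max(range(len(power)), key=power.__getitem__)
    probs = [p / total for p in power if p > 0]
    entropy = -sum(p * math.log2(p) for p in probs) / math.log2(len(power))
    return {
        "dominant_hz": (peak + 1) * sample_rate_hz / n,
        "peak_ratio": power[peak] / total,
        "spectral_entropy": entropy,
    }


# Constructed sample windows, 64 one-second packet counts each.
# PERIODIC rises and falls every 8 seconds; IRREGULAR has no fixed rhythm.
PERIODIC = [int(round(20 + 10 * math.sin(2 * math.pi * t / 8)))
            for t in range(64)]
_rng = random.Random(2024)
IRREGULAR = [_rng.randint(0, 40) for _ in range(64)]

if __name__ == "__main__":
    for label, window in (("periodic", PERIODIC), ("irregular", IRREGULAR)):
        feats = frequency_features(window)
        print(label, {k: round(v, 4) for k, v in feats.items()})
```

Each window yields one feature row; rows like these, with labels, would form the feature data set that S204 splits into training and test sets.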
Referring to fig. 3, the steps of analyzing real-time network environment data by applying a threat pattern recognition and attack detection model, recognizing possible threats and attacks, and analyzing the current network environment and security policy to obtain the analysis result of the current security requirement are specifically as follows:
s301: collecting real-time network environment data by configuring a network monitoring tool, a safety device and a log collector;
s302: preprocessing the real-time network environment data, and extracting real-time key features;
s303: inputting the real-time key features into a threat mode identification and attack detection model to obtain detection results of threat mode identification and attack detection;
s304: based on the detection results, threat assessment and analysis are performed on the real-time network environment, possible threats and attacks are identified, and the severity and threat are assessed.
First, real-time network environment data is collected by configuring a network monitoring tool, a security device and a log collector, and is then preprocessed and subjected to feature extraction. The real-time key features are then input into the threat pattern recognition and attack detection model to obtain threat recognition and detection results. Based on these results, threat assessment and analysis can be performed on the real-time network environment to identify potential threats and attacks and assess their severity and threat. This real-time analysis and evaluation improves the security and defensive capability of the network and helps in taking corresponding security measures and defense strategies in time. Real-time decision support and continuous optimization are further beneficial effects of the method. With the results of real-time analysis and evaluation, a decision maker can make corresponding decisions and take appropriate measures to protect the security of the network environment. In addition, continuously optimizing the threat pattern recognition and attack detection model steadily improves its accuracy and performance and its ability to recognize novel threats and attack behaviors. In summary, applying the threat pattern recognition and attack detection model to real-time network environment data enables timely threat recognition, security assessment, decision support and continuous optimization, improving the security and defensive capability of the network environment.
Referring to fig. 4, the steps of dynamically selecting a cipher suite suitable for the current security requirement are as follows:
s401: based on the analysis result, analyzing the current network environment and the security policy to obtain current security requirement information, wherein the current security requirement information comprises encryption strength requirements, data protection requirements and a password suite selection range;
s402: based on an encryption algorithm, an authentication method and key management, carrying out feasibility evaluation on the password suite within the password suite selection range to obtain a security analysis report;
s403: based on the current security requirement information, carrying out adaptability evaluation on the password suite within the password suite selection range, and acquiring an adaptability evaluation report;
s404: based on the security analysis report and the adaptability evaluation report, determining a selection strategy of the cipher suite by adopting a trade-off decision method;
s405: based on the selection strategy and the current security requirement information, the cipher suite is dynamically selected, the configuration file is changed, the protocol is updated, and the encryption parameters are adjusted.
By analyzing the current network environment and security policy and considering the security analysis report and the adaptability evaluation report together, the cipher suite can be selected to pursue an optimal level of security. This ensures that the selected cipher suite meets the encryption strength requirements and data protection requirements and effectively protects against various security threats and attacks. The feasibility evaluation and the adaptability evaluation take into account factors such as the performance cost, compatibility and deployment of the cipher suite, ensuring that the selected cipher suite meets the security requirements while optimizing resource utilization as far as possible. This helps improve the efficiency and performance of the system and avoids unnecessary resource consumption. The dynamically selected cipher suite can be adjusted and updated according to the current security requirement information. By changing configuration files, updating protocols and adjusting encryption parameters, the method can respond flexibly to changing threats and demands. This allows the system to adapt quickly to new security requirements and provides greater protection and adaptability. Dynamic selection of the cipher suite also allows new security threats and vulnerabilities to be responded to in time. Once a security risk occurs, the configuration file can be changed, the protocol updated or the encryption parameters adjusted immediately to repair the vulnerability and strengthen the security of the system. Such timely response and updating helps protect the system from the latest threats. Dynamic selection of the cipher suite also gives the system the opportunity for continued maintenance and improvement. By periodically evaluating and updating the cipher suite selection strategy, the security and performance of the system can be optimized and the system can adapt to evolving security requirements and threat environments.
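The following sketch of steps S401 to S405 is an added example, not code from the patent. The TLS suite names are real identifiers used as a constructed catalogue; the attribute values, scoring formula and `perf_weight` trade-off parameter are assumptions made for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Suite:
    name: str
    key_bits: int          # effective symmetric key strength
    aead: bool             # authenticated encryption mode
    forward_secrecy: bool  # ephemeral key exchange (key management)
    cost: float            # relative CPU cost in [0, 1], constructed value


@dataclass(frozen=True)
class Requirement:           # "current security requirement information" (S401)
    min_key_bits: int        # encryption strength requirement
    need_forward_secrecy: bool  # data protection requirement
    selection_range: frozenset  # suite names the policy allows
    perf_weight: float       # assumed knob: 0 = security only, 1 = speed only


# Constructed catalogue; the attribute values are illustrative assumptions.
CATALOGUE = [
    Suite("TLS_AES_256_GCM_SHA384", 256, True, True, 0.6),
    Suite("TLS_CHACHA20_POLY1305_SHA256", 256, True, True, 0.4),
    Suite("TLS_AES_128_GCM_SHA256", 128, True, True, 0.3),
    Suite("TLS_RSA_WITH_AES_128_CBC_SHA", 128, False, False, 0.5),
    Suite("TLS_RSA_WITH_3DES_EDE_CBC_SHA", 112, False, False, 0.9),
]
ALL_NAMES = frozenset(s.name for s in CATALOGUE)


def feasibility(suite):
    """S402: score the encryption algorithm, authentication and key management."""
    strength = 0.5 * min(suite.key_bits, 256) / 256
    return strength + 0.25 * suite.aead + 0.25 * suite.forward_secrecy


def rejection_reason(suite, req):
    """S403: hard constraints taken from the security requirement information."""
    if suite.name not in req.selection_range:
        return "outside selection range"
    if suite.key_bits < req.min_key_bits:
        return "below encryption strength requirement"
    if req.need_forward_secrecy and not suite.forward_secrecy:
        return "no forward secrecy"
    return None


def select_suite(req, catalogue=CATALOGUE):
    """S404/S405: trade off security against cost and pick the best suite.

    Returns (name or None, report). None means no suite satisfies the
    requirement; the caller should keep refusing weaker suites rather than
    fall back silently.
    """
    report, best = {}, None
    for suite in catalogue:
        reason = rejection_reason(suite, req)
        if reason is not None:
            report[suite.name] = reason
            continue
        score = ((1 - req.perf_weight) * feasibility(suite)
                 + req.perf_weight * (1 - suite.cost))
        report[suite.name] = round(score, 3)
        if best is None or score > best[0]:
            best = (score, suite.name)
    return (best[1] if best else None), report


if __name__ == "__main__":
    low_threat = Requirement(128, True, ALL_NAMES, perf_weight=0.8)
    high_threat = Requirement(256, True, ALL_NAMES, perf_weight=0.2)
    for label, req in (("low", low_threat), ("high", high_threat)):
        chosen, report = select_suite(req)
        print(label, "->", chosen)
        for name, outcome in report.items():
            print("   ", name, outcome)
```

Re-running `select_suite` with a stricter `Requirement` is what makes the selection dynamic: the same catalogue yields a different suite when the assessed threat level raises the strength requirement.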
Referring to fig. 5, the steps for performing multi-factor authentication are specifically:
s501: based on the user name and the password, the second factor comprising the mobile phone verification code, the hardware token and the biological characteristic is obtained as a basic identity verification factor;
s502: executing the authentication process, including verifying the correctness of the user name and the password, collecting and verifying a second factor, and obtaining a multi-factor verification result, wherein the verification second factor comprises token generation and verification, biological feature recognition, short message verification, fingerprint recognition and facial recognition;
s503: and judging based on the multi-factor verification result, and judging that the identity verification is successful when all the factor verification results pass the verification.
Adding multiple verification factors improves the security of the identity verification process. Even if the password is guessed or compromised, an attacker cannot easily bypass verification of the other factors. This reduces the risk of password cracking and spoofing attacks and strengthens the protection that authentication provides. Multi-factor authentication resists various spoofing attacks such as phishing, social engineering and malware attacks. A user name and password are easily impersonated by an attacker, but multi-factor verification requires the attacker to obtain and pass additional factors, which increases the complexity of the attack. Multi-factor authentication also effectively prevents account abuse. Even if an attacker obtains the user's password, authentication cannot be passed without a valid second factor, which avoids the risk of unauthorized access to and abuse of the account. With multi-factor authentication, users can be more confident in the security of their accounts: they know that even if the password is compromised, other factors still protect the account, providing additional security.
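The following sketch of steps S501 to S503 is an added example, not code from the patent. It assumes the second factor is a time-based one-time token (RFC 4226/6238 style), and the user record, salt, secret and work factor are constructed values; it also rejects a reused token, which the patent text does not discuss.

```python
import hashlib
import hmac
import struct

PBKDF2_ROUNDS = 100_000  # assumed work factor for this example


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 one-time code: HMAC-SHA1 over the counter, then truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def match_totp(secret, submitted, now, step=30, window=1):
    """Return the time-step counter the submitted code matches, or None.

    Accepts +/- `window` steps of clock drift and compares in constant time.
    """
    current = int(now) // step
    matched = None
    for counter in range(max(0, current - window), current + window + 1):
        expected = hotp(secret, counter).encode()
        if hmac.compare_digest(expected, submitted.encode()):
            matched = counter
    return matched


def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


def make_db():
    """Constructed user store: one user with a password hash and token secret."""
    salt = b"constructed-salt"
    return {"alice": {
        "salt": salt,
        "pw_hash": hash_password("correct horse battery staple", salt),
        "totp_secret": b"12345678901234567890",  # RFC 4226 test secret
        "last_counter": -1,                      # last accepted time step
    }}


# Checked for unknown users so both factors cost the same work either way.
_DUMMY = {"salt": b"dummy-salt-value", "pw_hash": bytes(32),
          "totp_secret": bytes(20), "last_counter": -1}


def authenticate(db, username, password, code, now):
    """S502/S503: verify every factor, succeed only when all of them pass."""
    user = db.get(username)
    record = user if user is not None else _DUMMY
    password_ok = hmac.compare_digest(
        hash_password(password, record["salt"]), record["pw_hash"])
    counter = match_totp(record["totp_secret"], code, now)
    # A code is fresh only if its time step is newer than the last accepted one.
    fresh = counter is not None and counter > record["last_counter"]
    results = {
        "password": user is not None and password_ok,
        "second_factor": user is not None and fresh,
    }
    success = all(results.values())
    if success:
        user["last_counter"] = counter  # burn the code to block replay
    return success, results


if __name__ == "__main__":
    db = make_db()
    print(authenticate(db, "alice", "correct horse battery staple", "287082", 59))
    print(authenticate(db, "alice", "correct horse battery staple", "287082", 59))
```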
Referring to fig. 6, the steps of applying the active defense strategy are specifically as follows:
s601: deploying an intrusion detection system based on the cipher suite to monitor network activity in the data transmission process;
s602: based on an intrusion detection system, monitoring the flow and behavior of transmission data, including a source IP address, a destination IP address and a transmission protocol, by a network sniffing and data packet analysis method;
s603: the intrusion detection system matches and analyzes the flow and behavior of the transmission data with the existing attack characteristics and malicious behaviors based on signature and behavior analysis methods, identifies possible intrusion events and generates intrusion detection results;
s604: the intrusion detection system collects external threat information, including known attack modes, malicious software and vulnerability information;
s605: correlating and analyzing the external threat information with the intrusion detection result, and comparing the external threat information with the intrusion event of the intrusion detection result to check and confirm the real threat event;
s606: based on the threat event, dynamically adjusting security policies, including updating firewall rules, modifying access control policies, enforcing authentication requirements.
Deploying the intrusion detection system allows network traffic and data transmission behavior to be monitored in real time and potential intrusion events to be detected in time, which supports quick response and the prevention of data leakage or unauthorized access. Correlating and analyzing the detection results with external threat information keeps the system informed of the latest attack patterns and malicious behavior, so that the security policy can be better adjusted, firewall rules, access control policies and identity verification requirements can be strengthened, and the security protection capability of the system can be improved. Based on the threat analysis result, the security policy and control measures can be adjusted automatically, reducing the burden of manual intervention. This helps achieve fast response and accurate handling of threat events, improving the overall security of the system.
Referring to fig. 7, dynamically adjusting the cipher suite according to the change of the real-time network environment and the update of the threat mode, and when selecting a new cipher suite, adopting a distributed decision mechanism to make a plurality of entities or nodes participate in decision, specifically:
s701: a plurality of entities or nodes perform real-time monitoring and information sharing in a network and collect acquired data including network traffic, threat information and security events;
s702: based on the acquired data, carrying out network flow analysis, threat information analysis and security event analysis, acquiring a data analysis result, and carrying out feature extraction by adopting a data mining technology to acquire feature data;
s703: based on the data analysis result and the characteristic data, threat assessment and safety requirement analysis are carried out, and real-time threat level is assessed;
s704: introducing a distributed decision mechanism, and enabling a plurality of entities or nodes to participate in dynamic adjustment decision of the password suite by means of distributed computing and cooperative game technologies;
s705: based on the roles, expertise and credibility of the entities or nodes, calculating the weight of the entities or nodes to the cipher suite selection decision;
s706: and integrating and summarizing the decision weights of each entity or node, and obtaining a final cipher suite selection result by adopting a weight weighted average method.
By monitoring changes in the real-time network environment and in threat patterns, and by drawing on the participation of multiple entities or nodes, the cipher suite can be updated in time to accommodate new threats and security requirements. Integrating the decision weights of multiple entities or nodes, and considering the role, expertise and credibility of each, allows the cipher suite selection decision to be made comprehensively from multiple angles, improving the accuracy and comprehensiveness of the decision. Dynamically selecting a cipher suite appropriate to the current threat level reduces security risk and provides greater security protection. This enables the system to adapt and optimize to real-time conditions, providing better security. Through distributed decision making, multiple entities or nodes can cooperatively share information and expertise to adjust the cipher suite jointly. This makes the most of the advantages and resources of the various entities or nodes and improves the overall decision-making capability.
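The following sketch of steps S705 and S706 is an added example, not code from the patent. The role factors, the weight formula (role factor times expertise times credibility) and the node votes are assumptions constructed for illustration; the patent names a "weight weighted average method" without giving a formula.

```python
from dataclasses import dataclass

# Assumed role factors; the patent does not define concrete values.
ROLE_FACTOR = {"security_gateway": 1.0, "ids_sensor": 0.8, "app_server": 0.5}

CANDIDATES = [
    "TLS_AES_256_GCM_SHA384",
    "TLS_CHACHA20_POLY1305_SHA256",
    "TLS_AES_128_GCM_SHA256",
]


@dataclass(frozen=True)
class NodeVote:
    node_id: str
    role: str
    expertise: float    # 0..1
    credibility: float  # 0..1, e.g. lowered after the node raised alerts
    scores: dict        # suite name -> preference in 0..1


def clamp(x):
    """Keep a submitted value in [0, 1] so a node cannot inflate its vote."""
    return min(1.0, max(0.0, float(x)))


def node_weight(vote):
    """S705: weight from role, expertise and credibility (assumed product form)."""
    return (ROLE_FACTOR.get(vote.role, 0.0)
            * clamp(vote.expertise) * clamp(vote.credibility))


def weighted_decision(votes, candidates):
    """S706: weighted average of the node scores for every candidate suite."""
    weights = {v.node_id: node_weight(v) for v in votes}
    if sum(weights.values()) <= 0:
        raise ValueError("no participating node carries decision weight")
    averages = {}
    for suite in candidates:
        num = den = 0.0
        for v in votes:
            if suite in v.scores:  # nodes may abstain on a suite
                num += weights[v.node_id] * clamp(v.scores[suite])
                den += weights[v.node_id]
        averages[suite] = num / den if den > 0 else 0.0
    winner = max(candidates, key=lambda s: averages[s])
    return winner, averages, weights


def plain_mean_decision(votes, candidates):
    """Unweighted baseline, shown only for comparison."""
    means = {s: sum(clamp(v.scores.get(s, 0.0)) for v in votes) / len(votes)
             for s in candidates}
    return max(candidates, key=lambda s: means[s]), means


A, B, C = CANDIDATES
# Constructed votes; app-2 has low credibility and pushes the weakest suite.
VOTES = [
    NodeVote("gw-1", "security_gateway", 0.9, 0.9, {A: 0.9, B: 0.7, C: 0.4}),
    NodeVote("ids-1", "ids_sensor", 0.8, 0.9, {A: 0.8, B: 0.9, C: 0.3}),
    NodeVote("app-1", "app_server", 0.6, 0.8, {A: 0.5, B: 0.8, C: 0.9}),
    NodeVote("app-2", "app_server", 0.5, 0.1, {A: 0.0, B: 0.0, C: 1.0}),
]

if __name__ == "__main__":
    winner, averages, weights = weighted_decision(VOTES, CANDIDATES)
    print("weighted:", winner, averages)
    print("plain mean:", plain_mean_decision(VOTES, CANDIDATES))
```

With these constructed votes the unweighted mean picks the 128-bit suite that the low-credibility node favours, while the credibility-weighted average does not, which is the practical reason for computing weights in S705 before aggregating in S706.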
Referring to fig. 8, a cipher suite selecting device includes a data acquisition module, a data processing and analyzing module, a real-time monitoring and analyzing module, a cipher suite selecting module, a multi-factor identity verification module, an active defense strategy application module, and a distributed decision mechanism module;
the data acquisition module is used for collecting network traffic and safety data;
the data processing and analyzing module performs data preprocessing and feature extraction on the network traffic and the safety data, and establishes a threat mode identification and attack detection model;
the real-time monitoring and analyzing module monitors real-time network environment data, extracts real-time key features, acquires threat identification and detection results through a threat mode identification and attack detection model, identifies possible threats and attacks according to the analysis results, and evaluates the possible threats and attacks;
the password suite selection module dynamically selects the password suite according to the analysis result of the real-time network environment and the security requirement information;
the multi-factor identity verification module performs multi-factor identity verification, so that the safety of data transmission is enhanced;
the active defense strategy application module deploys an intrusion detection system to monitor network activities in the data transmission process based on the selected password suite, performs intrusion detection and threat analysis, and adjusts a security strategy according to threat events;
the distributed decision mechanism module introduces a distributed decision mechanism to enable a plurality of entities or nodes to participate in the dynamic adjustment decision of the cipher suite.
The data acquisition module is responsible for collecting network traffic and security data, and the data processing and analysis module preprocesses the data, extracts features and establishes the threat pattern recognition and attack detection model. The real-time monitoring and analyzing module monitors network environment data in real time, extracts key features, and evaluates possible threats and attacks through threat identification and detection. The cipher suite selection module dynamically selects the cipher suite according to the analysis result of the network environment and the security requirement information, so as to adapt to threat changes. In addition, the multi-factor identity verification module enhances the security of data transmission, and the active defense strategy application module applies the intrusion detection system and security policy adjustments according to the selected cipher suite to protect network activity during data transmission. Furthermore, based on a distributed decision mechanism, a plurality of entities or nodes participate in the dynamic adjustment decision of the cipher suite, which improves the accuracy and comprehensiveness of the decision. A security system integrating these functions can provide comprehensive network security protection, cope with security threats and guarantee the secure transmission of sensitive data.
The electronic equipment is specifically a server, which carries the password suite pushing device. The storage medium is specifically a solid-state drive, which stores the password suite pushing method. When the electronic equipment runs, the password suite pushing device executes the password suite pushing method.
Working principle: first, network traffic and security data are collected through the data acquisition module, key features are extracted using artificial intelligence and machine learning technologies, and a threat pattern recognition and attack detection model is established. The model is then applied to analyze the real-time network environment data and identify potential threats and attacks, and the current security requirement information is obtained from the analysis results.
Based on the analysis result, a cipher suite suitable for the current security requirement is dynamically selected. Before data transmission, multi-factor authentication is performed to enhance the security of the data transmission. Then, an active defense strategy is applied according to the selected cipher suite: an intrusion detection system is deployed to monitor network activity during data transmission, and the security policy is dynamically adjusted according to threat events.
The method can dynamically adjust the cipher suite as the real-time network environment changes and threat patterns are updated. When a new cipher suite is selected, a distributed decision mechanism is adopted in which a plurality of entities or nodes participate in the decision: weights are calculated from the roles, expertise and credibility of the entities or nodes, the weights are integrated and summarized, and the cipher suite selection result is finally determined.
The cipher suite selecting device comprises a data acquisition module, a data processing and analyzing module, a real-time monitoring and analyzing module, a cipher suite selecting module, a multi-factor identity verification module, an active defense strategy application module and a distributed decision mechanism module. Through the cooperation of these modules, comprehensive cipher suite selection and security protection functions can be provided.
The present invention is not limited to the above embodiments. Any equivalent embodiment obtained by changing or modifying the technical content disclosed above may be applied to other fields, but any simple modification, equivalent change or adaptation made to the above embodiments according to the technical essence of the present invention still falls within the scope of the technical disclosure.

Claims (10)

1. The password suite selecting method is characterized by comprising the following steps of:
collecting network traffic and security data;
extracting key features of the network traffic and the safety data by using artificial intelligence and machine learning technology, generating a feature data set, and establishing a threat mode identification and attack detection model with learning and adaptation capabilities;
analyzing real-time network environment data by applying the threat pattern recognition and attack detection model, recognizing possible threats and attacks, and analyzing the current network environment and security policy to obtain an analysis result of the current security requirement;
dynamically selecting a cipher suite suitable for the current security requirement based on the analysis result;
before data transmission, multi-factor authentication is performed;
based on the password suite, carrying out data transmission and applying an active defense strategy;
and dynamically adjusting the password suite according to the change of the real-time network environment and the update of the threat mode, and adopting a distributed decision mechanism to enable a plurality of entities or nodes to participate in decision when a new password suite is selected.
2. The method according to claim 1, wherein the collecting network traffic and security data specifically includes collecting network traffic and security data originated by a network device, a server log, and an intrusion detection system, the network traffic and security data including network transaction records, historical security events, and dynamic change data of a network environment.
3. The method for selecting a cipher suite according to claim 1, wherein the steps of extracting key features of the network traffic and security data by using artificial intelligence and machine learning technology, and establishing a threat pattern recognition and attack detection model with learning and adaptation capability specifically include:
performing data preprocessing including data cleansing and data normalization on the network traffic and security data;
extracting frequency domain features from the network traffic and the safety data subjected to data preprocessing by using a frequency spectrum analysis method to generate a feature data set;
a threat mode identification and attack detection model is established by adopting a support vector machine supervised learning algorithm;
based on the characteristic data set, dividing the characteristic data set into a training set and a testing set, training and evaluating the threat pattern recognition and attack detection model, and optimizing the model according to an evaluation result;
and setting a timing task, and periodically updating the threat pattern recognition and attack detection model.
4. The method for selecting a cipher suite according to claim 1, wherein the steps of applying the threat pattern recognition and attack detection model to analyze real-time network environment data, recognizing possible threats and attacks, and analyzing current network environment and security policy to obtain analysis results of current security requirements are specifically as follows:
collecting the real-time network environment data by configuring a network monitoring tool, a safety device and a log collector;
preprocessing the real-time network environment data, and extracting real-time key features;
inputting the real-time key features into a threat mode identification and attack detection model to obtain detection results of threat mode identification and attack detection;
and carrying out threat assessment and analysis on the real-time network environment based on the detection result, identifying possible threats and attacks, and assessing the severity and threat.
5. The method for selecting a cipher suite according to claim 1, wherein the step of dynamically selecting a cipher suite suitable for the current security requirement is specifically:
based on the analysis result, analyzing the current network environment and the security policy to obtain current security requirement information, wherein the current security requirement information comprises encryption strength requirements, data protection requirements and a password suite selection range;
based on an encryption algorithm, an authentication method and key management, carrying out feasibility evaluation on the password suite within the password suite selection range to obtain a security analysis report;
based on the current safety requirement information, carrying out adaptability evaluation on the password suite within the password suite selection range to obtain an adaptability evaluation report;
based on the security analysis report and the adaptability evaluation report, determining a selection strategy of the cipher suite by adopting a trade-off decision method;
and dynamically selecting a cipher suite based on the selection strategy and the current security requirement information, changing a configuration file, updating a protocol and adjusting encryption parameters.
6. The method of claim 1, wherein the step of performing multi-factor authentication is specifically:
based on the user name and the password, the second factor comprising the mobile phone verification code, the hardware token and the biological characteristic is obtained as a basic identity verification factor;
executing the authentication process, including verifying the correctness of the user name and the password, collecting and verifying a second factor, and obtaining a multi-factor verification result, wherein the verification second factor comprises token generation and verification, biological feature recognition, short message verification, fingerprint recognition and facial recognition;
and judging based on the multi-factor verification result, and judging that the identity verification is successful when all the factor verification results pass the verification.
7. The method for selecting a cipher suite according to claim 1, wherein the step of applying an active defense policy based on data transmission of the cipher suite is specifically:
deploying an intrusion detection system based on the cipher suite to monitor network activity during data transmission;
based on the intrusion detection system, monitoring the flow and behavior of transmission data, including a source IP address, a destination IP address and a transmission protocol, by a network sniffing and data packet analysis method;
the intrusion detection system matches and analyzes the flow and the behavior of the transmission data with the existing attack characteristics and malicious behaviors based on signature and behavior analysis methods, identifies possible intrusion events and generates intrusion detection results;
the intrusion detection system collects external threat information, including known attack modes, malicious software and vulnerability information;
correlating and analyzing the external threat information with the intrusion detection result, and comparing the external threat information with the intrusion event of the intrusion detection result to check and confirm the real threat event;
based on the threat event, dynamically adjusting security policies including updating firewall rules, modifying access control policies, enforcing authentication requirements.
8. The method for selecting a cipher suite according to claim 1, wherein the step of dynamically adjusting the cipher suite according to the change of the real-time network environment and the update of the threat mode, and when selecting a new cipher suite, using a distributed decision mechanism to let a plurality of entities or nodes participate in decision is specifically:
the entities or nodes monitor and share information in real time in a network, and collect acquired data including network traffic, threat information and security events;
based on the acquired data, carrying out network flow analysis, threat information analysis and security event analysis to obtain a data analysis result, and carrying out feature extraction by adopting a data mining technology to obtain feature data;
based on the data analysis result and the characteristic data, threat assessment and safety requirement analysis are carried out, and real-time threat level is assessed;
introducing a distributed decision mechanism, and enabling the plurality of entities or nodes to participate in dynamic adjustment decision of the password suite by means of a distributed computing and cooperative game technology;
based on the roles, expertise and credibility of the entity or the node, calculating the weight of the entity or the node for the cipher suite selection decision;
and integrating and summarizing the decision weights of each entity or node, and obtaining a final cipher suite selection result by adopting a weight weighted average method.
9. The password suite selecting device is characterized by comprising a data acquisition module, a data processing and analyzing module, a real-time monitoring and analyzing module, a password suite selecting module, a multi-factor identity verification module, an active defense strategy application module and a distributed decision mechanism module;
the data acquisition module is used for collecting network traffic and safety data;
the data processing and analyzing module performs data preprocessing and feature extraction on the network traffic and the safety data, and establishes a threat mode identification and attack detection model;
the real-time monitoring and analyzing module monitors real-time network environment data, extracts real-time key features, acquires threat identification and detection results through the threat pattern identification and attack detection model, identifies possible threats and attacks according to the analysis results, and evaluates the possible threats and attacks;
the password suite selection module dynamically selects the password suite according to the analysis result of the real-time network environment and the security requirement information;
the multi-factor identity verification module performs multi-factor identity verification, so that the safety of data transmission is enhanced;
the active defense strategy application module deploys an intrusion detection system to monitor network activities in the data transmission process based on the selected password suite, performs intrusion detection and threat analysis, and adjusts a security strategy according to threat events;
the distributed decision mechanism module introduces a distributed decision mechanism to enable a plurality of entities or nodes to participate in dynamic adjustment decision of the password suite.
10. A cryptographic suite push electronic device and a storage medium, wherein the electronic device is specifically a server, the server is used for carrying the cryptographic suite push device as claimed in claim 9, the storage medium is specifically a solid-state drive, the solid-state drive is used for storing the cryptographic suite push method as claimed in any one of claims 1-8, and when the electronic device is running, the cryptographic suite push device executes the cryptographic suite push method.
CN202311562211.XA 2023-11-22 2023-11-22 Password suite selection method and device, electronic equipment and storage medium Active CN117278335B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311562211.XA CN117278335B (en) 2023-11-22 2023-11-22 Password suite selection method and device, electronic equipment and storage medium

Publications (2)

Publication Number Publication Date
CN117278335A true CN117278335A (en) 2023-12-22
CN117278335B CN117278335B (en) 2024-04-09

Family

ID=89208464

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311562211.XA Active CN117278335B (en) 2023-11-22 2023-11-22 Password suite selection method and device, electronic equipment and storage medium

Country Status (1)

Country Link
CN (1) CN117278335B (en)

Rattanalerdnusorn et al. IoTDePT: Detecting security threats and pinpointing anomalies in an IoT environment
Hu et al. A Novel Attack‐and‐Defense Signaling Game for Optimal Deceptive Defense Strategy Choice
Singh et al. Security and privacy aspect of cyber physical systems
Ramprasath et al. Virtual Guard Against DDoS Attack for IoT Network Using Supervised Learning Method

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant