CN118368131A - Industrial Internet information security analysis method for improving computer algorithm model - Google Patents
Industrial Internet information security analysis method for improving computer algorithm model Download PDFInfo
- Publication number
- CN118368131A CN118368131A CN202410606399.1A CN202410606399A CN118368131A CN 118368131 A CN118368131 A CN 118368131A CN 202410606399 A CN202410606399 A CN 202410606399A CN 118368131 A CN118368131 A CN 118368131A
- Authority
- CN
- China
- Prior art keywords
- information
- image
- algorithm
- industrial internet
- content
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000004458 analytical method Methods 0.000 title claims abstract description 79
- 238000000034 method Methods 0.000 claims abstract description 71
- 238000012549 training Methods 0.000 claims abstract description 50
- 238000012216 screening Methods 0.000 claims abstract description 38
- 238000004088 simulation Methods 0.000 claims abstract description 15
- 230000005540 biological transmission Effects 0.000 claims abstract description 8
- 238000000605 extraction Methods 0.000 claims description 78
- 230000011218 segmentation Effects 0.000 claims description 36
- 238000001514 detection method Methods 0.000 claims description 26
- 244000035744 Hura crepitans Species 0.000 claims description 21
- 238000002955 isolation Methods 0.000 claims description 18
- 230000008569 process Effects 0.000 claims description 17
- 238000012545 processing Methods 0.000 claims description 16
- 238000007781 pre-processing Methods 0.000 claims description 14
- 239000006185 dispersion Substances 0.000 claims description 12
- 238000012015 optical character recognition Methods 0.000 claims description 12
- 238000000638 solvent extraction Methods 0.000 claims description 11
- 239000000284 extract Substances 0.000 claims description 8
- 238000003708 edge detection Methods 0.000 claims description 6
- 238000001914 filtration Methods 0.000 claims description 6
- 238000003672 processing method Methods 0.000 claims description 6
- 239000002994 raw material Substances 0.000 claims description 6
- 230000006870 function Effects 0.000 claims description 4
- 238000000926 separation method Methods 0.000 claims description 4
- 230000004913 activation Effects 0.000 claims description 3
- 238000010801 machine learning Methods 0.000 claims description 3
- 238000012502 risk assessment Methods 0.000 claims description 3
- 238000011426 transformation method Methods 0.000 claims description 2
- 241000700605 Viruses Species 0.000 abstract description 3
- 230000010365 information processing Effects 0.000 abstract 2
- 238000004519 manufacturing process Methods 0.000 description 6
- 238000010586 diagram Methods 0.000 description 4
- 230000000694 effects Effects 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 3
- 238000003860 storage Methods 0.000 description 3
- 230000009466 transformation Effects 0.000 description 3
- 230000006978 adaptation Effects 0.000 description 2
- 230000008901 benefit Effects 0.000 description 2
- 238000007405 data analysis Methods 0.000 description 2
- 238000011156 evaluation Methods 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000005192 partition Methods 0.000 description 2
- 238000013068 supply chain management Methods 0.000 description 2
- 230000002159 abnormal effect Effects 0.000 description 1
- 238000009825 accumulation Methods 0.000 description 1
- 230000009471 action Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000000052 comparative effect Effects 0.000 description 1
- 230000001010 compromised effect Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000009792 diffusion process Methods 0.000 description 1
- 230000004927 fusion Effects 0.000 description 1
- 238000009776 industrial production Methods 0.000 description 1
- 238000007689 inspection Methods 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000008092 positive effect Effects 0.000 description 1
- 230000035755 proliferation Effects 0.000 description 1
- 238000012106 screening analysis Methods 0.000 description 1
Landscapes
- Image Analysis (AREA)
Abstract
The invention discloses an industrial Internet information security analysis method for improving a computer algorithm model, belongs to the technical field of industrial Internet information security, and solves the problems of lag of industrial data information processing capability, poor information security protection capability, low data information processing efficiency and easy occurrence of information loss and theft caused by infected viruses in the prior art; the method comprises the steps of obtaining industrial Internet transmission information, screening industrial Internet information content, obtaining image information, training an algorithm model according to the image information, separating the image information, searching information to be detected, carrying out double identification on the information, extracting content information, carrying out simulation execution, and judging safety performance; according to the invention, the improved algorithm model is arranged to update the algorithm model of the computer, so that the information safety and the working efficiency are improved. The invention greatly improves the information security analysis capability of the industrial Internet.
Description
Technical Field
The invention belongs to the technical field of industrial Internet information security, and particularly relates to an industrial Internet information security analysis method for improving a computer algorithm model.
Background
In the period of entering the digital transformation of global economy, the digital transformation becomes a necessary choice of the traditional enterprises, which must be put into action, and the digital transformation is penetrated into the aspects of daily clothing and eating, work and life, production service and the like of people. At present, the digitization and the deep fusion of the cloud service enable the service to realize the digitization (namely the digital cloud service), so that the time and region limitation can be broken, and the flexibility of service interaction is improved. However, with the proliferation of digital cloud service scale, the information security problem caused by the digital cloud service is not ignored. In the industrial internet, information security is an important component for guaranteeing production security and business continuity. With the convergence of Industrial Control Systems (ICS) and internet technologies, there is an increasing threat of network security, and it is becoming particularly important to improve computer algorithm models to enhance industrial internet information security analysis methods.
The definition of information security is: technology, administrative security, established and employed for data processing systems in order to protect computer hardware, software, data from being destroyed, altered, and compromised by accidental and malicious causes; at present, although life style presents simplicity and rapidness, the back of the life style is accompanied with a plurality of information safety hidden dangers; the lawless persons steal personal information through various software or programs and use the information to gain benefits, thereby seriously affecting the life and property safety of citizens; such problems are often concentrated on daily life, such as unauthorized, excessive or illegal collection.
The existing method for analyzing information security has the following problems: firstly, the existing analysis method mainly relies on a computer algorithm model to realize the analysis of information security, the computer algorithm model is older, and the protection of the information security is insufficient; secondly, the existing computer algorithm model has slower speed and low efficiency in analyzing the information security; finally, the computer algorithm model is easy to be infected by viruses, so that information is revealed when the information security is analyzed, and the phenomena of information loss and theft are caused.
Disclosure of Invention
Aiming at the defects in the prior art, the invention discloses an industrial Internet information security analysis method which is used for efficiently protecting information security and greatly improving the stability and the running speed of a computer algorithm model. Industrial data is processed and analyzed in real time by a big data analysis technology so as to discover potential security threats in time.
In order to achieve the technical effects, the invention adopts the following technical scheme:
An industrial internet information security analysis method for improving a computer algorithm model, comprising:
S1, acquiring industrial Internet transmission information; the method is used for acquiring industrial Internet data packets to be analyzed from the industrial Internet through a network industrial Internet data packet capturing method;
S2, screening information content of the industrial Internet to obtain image information; the method is used for extracting and screening image information from the industrial Internet data packet through a protocol analysis and industrial Internet data packet analysis method, and removing redundant information through noise filtering and image enhancement;
s3, training an algorithm model according to the image information; the method is used for realizing training an analysis model according to image information through a feature extraction algorithm, an MR proportional division algorithm and an SL learning algorithm;
S4, separating image information and searching information to be detected; the method comprises the steps that image information is processed through an analysis model to obtain a first type image and a second type image, wherein the first type image contains readable data, and unreadable data is processed into the second type image;
S5, carrying out double identification on the information, and extracting content information; the method comprises the steps of performing text recognition and two-dimensional code recognition on a first type of image through a text recognition OCR and two-dimensional code recognition method, and extracting image content information;
s6, performing simulation execution, and judging safety performance; and the security corresponding to the undetected image is judged through risk assessment according to the result of the simulation execution operation.
As a further description of the above-described arrangements,
S2, screening information content of the industrial Internet, and acquiring image information comprises the following steps:
s201, preprocessing an undetected image by a self-adaptive threshold method, and converting the undetected image into a binary image;
S202, counting pixels in a binarized image through a pixel counting algorithm and a region segmentation algorithm, and classifying the pixels according to gray values of the pixels to obtain a plurality of pixel regions;
S203, carrying out shape recognition on each pixel region through a contour detection and edge detection algorithm, judging whether the pixel region contains a text or a two-dimensional code, and dividing the pixel region into a first type image and a second type image according to the shape recognition.
As a further description of the above-described arrangements,
S3, training an algorithm model according to the image information, wherein the step core of training the algorithm model is that model training is realized through a feature extraction algorithm, an MR proportion segmentation algorithm and an SL learning algorithm; performing feature extraction and identification on raw materials through a feature extraction algorithm to obtain feature parameters of image information, training an operation model corresponding to the feature parameters through the feature parameters and a SL learning algorithm, outputting the operation model to the S4, separating the image information, and searching information to be detected; the feature extraction algorithm realizes the feature recognition extraction of the raw materials through component analysis and feature recognition, and realizes the feature recognition extraction through a feature extraction formula, wherein the expression of the feature extraction formula is as follows:
In the above formula (1), n represents the number of extracted features, and is used for calculating the number of features to be extracted; θ represents a deviation threshold value, and represents a deviation angle of the feature coordinates; i represents a cycle characteristic parameter, and represents the current ith cycle; omega represents deviation weight and represents a specific deviation value of the feature to be identified in a coordinate system; x is sample data used for representing the characteristics to be extracted by input; y is an activation function parameter, which is a parameter representing the feature sought;
the SL learning algorithm realizes real-time and rapid feedback adjustment of the feedback adjustment model through online feedback data and training of each sample, and performs high-density screening and high-efficiency identification on industrial Internet data passing through the model; training process of the feedback adjustment model: firstly, setting the learning rate and regularization parameter value of a model; secondly, setting parallel learning numbers of the model; thirdly, continuously filling data into the data pool; fourthly, simultaneously, different parallel lines can acquire industrial Internet data from the data pool for training; finally, after the data is grabbed, merging models of different lines, and storing the models; the SL learning algorithm realizes online learning and training of a model through an online learning formula, and the online learning formula has the expression:
ωt=1,i=-(zt,i-sgn(zt,i)-λ1)/(λ2+σ1:t) (2)
In the formula (2), i is a characteristic parameter used for representing the input of the characteristic to be trained; t represents an iteration parameter, and represents that the current process is the ith iteration; lambda 1、λ2 is a characteristic value for increasing the position weight of the parameter in the algorithm; σ 1:t represents the degree of dispersion of the gradient parameter for calculating the degree of dispersion of the gradient parameter as an intermediate quantity; z t、zt,i is a custom intermediate variable, and the expression of z t、zt,i is:
in formulas (3) and (4), σ s represents the degree of dispersion of the parameters in the algorithm, and is used as an intermediate quantity to calculate the dispersion of the algorithm parameters; g 1:t is the accumulated gradient of the previous 1 to t rounds of the algorithm, and is used for calculating the iteration times of the algorithm; the MR instance segmentation algorithm further refines semantic detection through a segmentation refinement method to realize object separation at a pixel level, and the MR instance segmentation algorithm realizes screening of graphic information and map information through a graphic segmentation formula, wherein the expression of the graphic segmentation formula is as follows:
In the above formula (5), P is a calculated bilinear interpolation midpoint, which is used to represent the calculated split point coordinate, x is a midpoint abscissa value, which is used to reflect the abscissa of the P point, y is a midpoint ordinate value, which is used to reflect the ordinate of the P point, x 1 is an abscissa value of one endpoint, which is used to determine the abscissa of the endpoint 1 and the P point range, x 2 is an abscissa value of the other endpoint, which is used to determine the abscissa of the endpoint 2 and the P point range, y 1 is an ordinate value of the endpoint x 1, which is used to determine the ordinate of the endpoint 1 and the P point range, y 2 is an ordinate value of the endpoint x 2, which is used to determine the ordinate of the endpoint 2 and the P point range, phi is an included angle value of the calculated coordinate points, which is used to determine the coordinate angles of the endpoint 1, the endpoint 2 and the P point.
As a further description of the above-described arrangements,
S4, carrying out double recognition on the information, wherein the step of extracting the content information comprises the following steps:
S401, performing text recognition on the first type of image through an optical character recognition engine to obtain a text recognition result;
s402, performing binarization processing on the first type of images through a two-dimensional code detection module in a computer vision library, and extracting two-dimensional code images in the first type of images;
s403, information extraction is carried out based on the text recognition result and the two-dimensional code image, and image content information is obtained.
As a further description of the above-described arrangements,
S6, performing simulation execution, wherein the step of judging the safety performance comprises the following steps:
s601, creating an isolation sandbox, and performing content expansion on image content information to obtain an expansion access link;
s602, constructing a virtual system in an isolation sandbox, and sequentially accessing the extended access links one by one to obtain an access interface;
S603, recording data content which is fetched in the process of entering each access interface, identifying the access interface, judging whether risk links exist through a network industrial Internet data packet analysis method, and judging that risks exist in corresponding undetected images if the risk links exist.
As a further description of the above-described arrangements,
The operation environment of the information security analysis method is an industrial Internet information security analysis system based on a computer algorithm model, and the security analysis system comprises:
a data acquisition module; the data acquisition module acquires an industrial Internet data packet needing to be subjected to security analysis from the industrial Internet through a user protocol based on a network protocol and a data acquisition method;
an image screening module; the image screening module screens and separates the image information and redundant information in the acquired industrial Internet data packet through an information screening and processing method;
A model training module; the model training module realizes training an analysis model according to image information through a feature extraction algorithm, an MR proportion segmentation algorithm and an SL learning algorithm;
A content extraction module; the content extraction module is used for processing and extracting image information through an analysis model to obtain a first class image and a second class image, wherein the first class image contains readable data, and unreadable data is processed into the second class image; the content extraction module extracts image content information by carrying out text recognition and two-dimensional code recognition on the first type of images;
A security detection module; the safety detection module judges the safety of the corresponding undetected image according to the result of the simulation execution operation;
The system comprises a data acquisition module, a model training module, a content extraction module, a safety detection module, a data acquisition module and a content extraction module, wherein the output end of the data acquisition module is connected with the input end of the image screening module, the output end of the image screening module is connected with the input ends of the model training module and the content extraction module, the output end of the model training module is connected with the input end of the content extraction module, the input end of the content extraction module is connected with the input end of the safety detection module, and the data acquisition module acquires information through a preset industrial Internet information reading protocol.
As a further description of the above-described arrangements,
The image screening module includes:
The preprocessing unit is used for preprocessing the undetected image, and the preprocessing unit converts the original image into a binary image through a filtering and edge detection method;
The pixel partition unit is used for carrying out statistical classification on pixels in the binarized image; the pixel partitioning unit performs pixel statistics and partitioning on the binarized image through an image processing and partitioning algorithm, and classifies the binarized image through gray values of pixels to obtain a plurality of pixel areas;
The identification classification unit is used for carrying out shape identification classification on each pixel area; the recognition classification unit performs shape recognition on each pixel region through feature descriptors, contour analysis, shape matching and Hough transformation methods.
As a further description of the above-described arrangements,
The content extraction module includes:
the text recognition unit is used for acquiring a text recognition result; the text recognition unit recognizes texts in the first type of images through optical character recognition OCR;
the two-dimensional code extraction unit is used for extracting a two-dimensional code image; the two-dimensional code extraction unit carries out binarization processing on the first type of images through an image processing method, and extracts two-dimensional code images in the images through a method based on characteristic point matching;
A content identification unit for acquiring image content information; the content recognition unit performs information extraction on the extracted text and the two-dimensional code image through a text recognition and two-dimensional code decoding method.
As a further description of the above-described arrangements,
The security detection module includes:
The information expansion unit is used for carrying out content expansion on the image content information; the information expansion unit creates an isolation sandbox through a container virtualization method, and expands the content of the image information through generating an countermeasure network;
The information access unit is used for accessing the links of the extended access information one by one; the information access unit simulates an access process according to a preset sequence through a web crawler and acquires related information;
A risk determination unit configured to determine whether a risk link exists; the rule engine-based risk judging unit monitors and analyzes the access interface in real time through a rule engine and a machine learning model.
In summary, the invention has the positive and beneficial effects that:
1. According to the invention, the information security of industrial information is analyzed by setting an improved computer algorithm model, so that the security and stability of the information in the process of analysis are improved, and the practicability of an analysis method is improved by improving the security of the information;
2. In the invention, the speed and the depth of the safety analysis of the industrial information are improved by improving the algorithm model of the computer, so that the efficiency and the safety of the safety analysis of the industrial information are improved, and the additional extraction and the treatment of sensitive, abnormal and suspected virus information are realized by deepening the analysis depth, so that the working range and the safety of the algorithm model are improved;
3. In the invention, the compatibility analysis image information during analysis is realized by setting an improved computer algorithm model, so that the protection degree and analysis depth of information safety are improved, and the universality of the computer algorithm model is improved by analyzing the image information;
4. According to the invention, the cloud storage of the industrial information is realized by arranging the multiple separation screening analysis and information expansion units for the industrial information, so that the safety of the industrial information is improved, and the safety problem caused by losing the industrial information is reduced;
5. according to the invention, the algorithm model is set to realize the compatibility with the big data analysis method, so that the safety and the evaluation precision of the safety analysis method are improved, and the universality and the accuracy of the safety analysis method are improved by improving the evaluation precision.
Drawings
FIG. 1 is a flow chart of an industrial Internet information security analysis method for improving a computer algorithm model;
FIG. 2 is a flow chart of step S2 of an industrial Internet information security analysis method for improving a computer algorithm model;
FIG. 3 is a flowchart of step S4 of an industrial Internet information security analysis method for improving a computer algorithm model;
FIG. 4 is a flowchart of step S5 of an industrial Internet information security analysis method for improving a computer algorithm model;
FIG. 5 is a schematic diagram of an industrial Internet information security analysis system with an improved computer algorithm model;
FIG. 6 is a schematic diagram of an image screening module of an industrial Internet information security analysis system with an improved computer algorithm model;
FIG. 7 is a block diagram of a content extraction module of an industrial Internet information security analysis system with an improved computer algorithm model;
FIG. 8 is a schematic diagram of a security detection module of an industrial Internet information security analysis system with an improved computer algorithm model;
detailed description of the preferred embodiments
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
As shown in fig. 1 to 8, an industrial internet information security analysis method for improving a computer algorithm model includes:
S1, acquiring industrial Internet transmission information; the method is used for acquiring industrial Internet data packets to be analyzed from the industrial Internet through a network industrial Internet data packet capturing method;
S2, screening information content of the industrial Internet to obtain image information; the method is used for extracting and screening image information from the industrial Internet data packet through a protocol analysis and industrial Internet data packet analysis method, and removing redundant information through noise filtering and image enhancement;
s3, training an algorithm model according to the image information; the method is used for realizing training an analysis model according to image information through a feature extraction algorithm, an MR proportional division algorithm and an SL learning algorithm;
S4, separating image information and searching information to be detected; the method comprises the steps that image information is processed through an analysis model to obtain a first type image and a second type image, wherein the first type image contains readable data, and unreadable data is processed into the second type image;
S5, carrying out double identification on the information, and extracting content information; the method comprises the steps of performing text recognition and two-dimensional code recognition on a first type of image through a text recognition OCR and two-dimensional code recognition method, and extracting image content information;
s6, performing simulation execution, and judging safety performance; and the security corresponding to the undetected image is judged through risk assessment according to the result of the simulation execution operation.
In the above embodiment: s2, screening information content of the industrial Internet, and acquiring image information comprises the following steps:
s201, preprocessing an undetected image by a self-adaptive threshold method, and converting the undetected image into a binary image;
S202, counting pixels in a binarized image through a pixel counting algorithm and a region segmentation algorithm, and classifying the pixels according to gray values of the pixels to obtain a plurality of pixel regions;
S203, carrying out shape recognition on each pixel region through a contour detection and edge detection algorithm, judging whether the pixel region contains a text or a two-dimensional code, and dividing the pixel region into a first type image and a second type image according to the shape recognition.
In the specific embodiment: in step S201, the undetected image is preprocessed, that is, the binarized image is processed, the binarized image only includes black and white, each pixel has a corresponding gray value, and the gray value has a value range of 0-255; in step S202, statistics is performed on pixels in the binarized image, specifically, a two-dimensional coordinate system is constructed, a coordinate is determined for each pixel, then the gray value of the pixel corresponding to each coordinate is determined, all pixels corresponding to the same gray value are divided into a class, and pixels belonging to the same class form a pixel region; in step S203, shape recognition is performed on each pixel region, and it is determined whether text is included in the pixel region through shape recognition, and the two-dimensional code has a location area due to its structural characteristics, so that it can be determined whether the two-dimensional code exists accordingly, if text or the two-dimensional code is included, the two-dimensional code is divided into a first type of image, and if text or the two-dimensional code is not included, the two-dimensional code is divided into a second type of image.
Industrial Control Systems (ICS) typically include a variety of different types of devices and systems, such as production control systems, monitoring systems, remote control systems, and the like. The interaction and data flow between these systems is complex, which presents challenges for data security. Industrial production often requires real-time data processing and feedback, so that the secure transmission and processing of data requires extremely high reliability, and any delay or failure may cause serious production accidents.
Thus in the above embodiments: s3, training an algorithm model according to the image information, wherein the step core of training the algorithm model is that model training is realized through a feature extraction algorithm, an MR proportion segmentation algorithm and an SL learning algorithm; performing feature extraction and identification on raw materials through a feature extraction algorithm to obtain feature parameters of image information, training an operation model corresponding to the feature parameters through the feature parameters and a SL learning algorithm, outputting the operation model to the S4, separating the image information, and searching information to be detected; the feature extraction algorithm realizes the feature recognition extraction of the raw materials through component analysis and feature recognition, and realizes the feature recognition extraction through a feature extraction formula, wherein the expression of the feature extraction formula is as follows:
In the above formula (1), n represents the number of extracted features, and is used for calculating the number of features to be extracted; θ represents a deviation threshold value, and represents a deviation angle of the feature coordinates; i represents a cycle characteristic parameter, and represents the current ith cycle; omega represents deviation weight and represents a specific deviation value of the feature to be identified in a coordinate system; x is sample data used for representing the characteristics to be extracted by input; y is an activation function parameter, which is a parameter representing the feature sought;
the SL learning algorithm realizes real-time and rapid feedback adjustment of the feedback adjustment model through online feedback data and training of each sample, and performs high-density screening and high-efficiency identification on industrial Internet data passing through the model; training process of the feedback adjustment model: firstly, setting the learning rate and regularization parameter value of a model; secondly, setting parallel learning numbers of the model; thirdly, continuously filling data into the data pool; fourthly, simultaneously, different parallel lines can acquire industrial Internet data from the data pool for training; finally, after the data is grabbed, merging models of different lines, and storing the models; the SL learning algorithm realizes online learning and training of a model through an online learning formula, and the online learning formula has the expression:
ωt=1,i=-(zt,i-sgn(zt,i)-λ1)/(λ2+σ1:t) (2)
In the formula (2), i is a characteristic parameter used for representing the input of the characteristic to be trained; t represents an iteration parameter, and represents that the current process is the ith iteration; lambda 1、λ2 is a characteristic value for increasing the position weight of the parameter in the algorithm; σ 1:t represents the degree of dispersion of the gradient parameter for calculating the degree of dispersion of the gradient parameter as an intermediate quantity; z t、zt,i is a custom intermediate variable, and the expression of z t、zt,i is:
in formulas (3) and (4), σ s represents the degree of dispersion of the parameters in the algorithm, and is used as an intermediate quantity to calculate the dispersion of the algorithm parameters; g 1:t is the accumulated gradient of the previous 1 to t rounds of the algorithm, and is used for calculating the iteration times of the algorithm; the MR instance segmentation algorithm further refines semantic detection through a segmentation refinement method to realize object separation at a pixel level, and the MR instance segmentation algorithm realizes screening of graphic information and map information through a graphic segmentation formula, wherein the expression of the graphic segmentation formula is as follows:
In the above formula (5), P is a calculated bilinear interpolation midpoint, which is used to represent the calculated split point coordinate, x is a midpoint abscissa value, which is used to reflect the abscissa of the P point, y is a midpoint ordinate value, which is used to reflect the ordinate of the P point, x 1 is an abscissa value of one endpoint, which is used to determine the abscissa of the endpoint 1 and the P point range, x 2 is an abscissa value of the other endpoint, which is used to determine the abscissa of the endpoint 2 and the P point range, y 1 is an ordinate value of the endpoint x 1, which is used to determine the ordinate of the endpoint 1 and the P point range, y 2 is an ordinate value of the endpoint x 2, which is used to determine the ordinate of the endpoint 2 and the P point range, phi is an included angle value of the calculated coordinate points, which is used to determine the coordinate angles of the endpoint 1, the endpoint 2 and the P point.
In the specific embodiment: the SL learning algorithm runs as follows:
In the above algorithm, the parameter f is an iterative sample; parameter wzn is an empty container, retaining intermediate parameters; the four parameters of [ val alpha ] double=0.5 ] [ val belta ] double=1.0 ] [ val lambda1 ] double=1.0 ] [ val lambda2 ] double=0 ] represent super parameters, and have the characteristic of accumulation for z t.i; in specific implementation, the data comparison table of the online learning and the traditional algorithm is shown in the table:
Table 1 SL data comparison table of learning algorithm and conventional algorithm
Compared with the basic FR regression segmentation algorithm, the MR instance segmentation algorithm has the advantages of strong feature extraction capability, excellent target detection effect and fine instance segmentation effect; the MR example segmentation algorithm not only detects targets in an image but also gives a segmentation result with higher quality to each target by adding a diffusion prediction branch for predicting a binary mask, and simultaneously carries out a task of expanding to key point detection; in a specific implementation, a data comparison table of the MR example segmentation algorithm and the conventional algorithm is shown in the table:
Table 2 MR data comparison table of example segmentation algorithm and conventional algorithm
| Comparative data | MR real force segmentation algorithm | Traditional algorithm |
| Precision of segmentation | 50% | 10% |
| Probability of error | 0 | 4% |
| Maximum pixel after segmentation | 4096 | 1000 |
| Time required for division | 196ms | 331ms |
In the above embodiment: s4, carrying out double recognition on the information, wherein the step of extracting the content information comprises the following steps:
S401, performing text recognition on the first type of image through an optical character recognition engine to obtain a text recognition result;
s402, performing binarization processing on the first type of images through a two-dimensional code detection module in a computer vision library, and extracting two-dimensional code images in the first type of images;
s403, information extraction is carried out based on the text recognition result and the two-dimensional code image, and image content information is obtained.
In the specific embodiment: in step S401, text recognition is performed on the first type of image by a text recognition method, and text content contained in the first type of image is extracted by text recognition, so that a text recognition result can be obtained; in step S402, binarizing the first type of image, wherein pixels with the same gray value form a pixel area, and pixels with different gray values form a plurality of pixel areas, and two-dimensional code extraction is performed on the first type of image based on the pixel areas to obtain a two-dimensional code image; in step S403, information extraction is performed based on the text recognition result and the two-dimensional code image, and image content information is directly obtained for the text, and the content included in the two-dimensional code is determined by scanning the two-dimensional code image information.
In the above embodiment: s6, performing simulation execution, wherein the step of judging the safety performance comprises the following steps:
s601, creating an isolation sandbox, and performing content expansion on image content information to obtain an expansion access link;
s602, constructing a virtual system in an isolation sandbox, and sequentially accessing the extended access links one by one to obtain an access interface;
S603, recording data content which is fetched in the process of entering each access interface, identifying the access interface, judging whether risk links exist through a network industrial Internet data packet analysis method, and judging that risks exist in corresponding undetected images if the risk links exist.
In the specific embodiment: in step S601, an isolation sandbox is created, where the isolation sandbox is a closed storage space opened independently in the device, and data in the isolation sandbox does not interact with external data, so that safety can be ensured, and for image content information, links contained in the isolation sandbox may be incomplete, so that all types of prefixes are filled, texts in the image content information are identified, information such as punctuation is added, and original image text content is saved, so as to obtain a plurality of extended access links; in step S602, a virtual system is built in the isolation sandbox, systems such as a mobile phone and a computer are simulated in the virtual system, corresponding privacy data are set, the extended access links are accessed one by one according to the sequence, and screenshot records are performed on each access interface; in step S603, the data content retrieved during entering each access interface is recorded, the access interface is identified, the data accessed by each access interface is recorded, if the data is accessed beyond the authority range, the data is classified into risk links, and if the displayed access interface has risk, the data is also classified into risk links; when judging that the undetected image has risk, intercepting the undetected image; after the undetected image is intercepted, it is replaced with a preset image.
In the above embodiment: the operation environment of the information security analysis method is an industrial Internet information security analysis system based on a computer algorithm model, and the security analysis system comprises:
A data acquisition module 1; the data acquisition module 1 acquires an industrial Internet data packet needing to be subjected to security analysis from an industrial Internet through a user protocol based on a network protocol and a data acquisition method;
an image screening module 2; the image screening module 2 screens and separates the image information and redundant information in the acquired industrial Internet data packet through an information screening and processing method;
A model training module 3; the model training module 3 realizes training an analysis model according to image information through a feature extraction algorithm, an MR proportion segmentation algorithm and an SL learning algorithm;
A content extraction module 4; the content extraction module 4 processes and extracts image information through an analysis model to obtain a first class image and a second class image, wherein the first class image contains readable data, and the unreadable data is processed into the second class image; the content extraction module 4 extracts image content information by carrying out text recognition and two-dimensional code recognition on the first type of images;
A security detection module 5; the safety detection module 5 judges the safety of the corresponding undetected image according to the result of the simulation execution operation;
The output end of the data acquisition module 1 is connected with the input end of the image screening module 2, the output end of the image screening module 2 is connected with the input ends of the model training module 3 and the content extraction module 4, the output end of the model training module 3 is connected with the input end of the content extraction module 4, the input end of the content extraction module 4 is connected with the input end of the safety detection module 5, and the data acquisition module 1 acquires information by presetting an industrial Internet information reading protocol. Aiming at remote access and control functions in an industrial control system, the safety of data transmission is ensured, and remote attack is prevented. The data security of IIoT devices such as sensors, actuators and the like connected to the industrial network is guaranteed, and the devices are prevented from being maliciously controlled or data are prevented from being stolen.
The data security scenarios in industrial environments are very diverse, covering a number of aspects from production control to supply chain management. The technical scheme of the invention is suitable for various scenes, financial data, supply chain management data, manpower resource data and the like. The invention focuses on the production of industrial equipment, ensures the data safety in a supply chain, including supplier information, inventory data, logistics information and the like, and prevents the data from being leaked or tampered. In cloud computing and big data application, industrial data stored on a cloud platform is protected, and safety and privacy of the data are ensured.
In the specific embodiment: the data acquisition module 1 acquires data to be transmitted, all the data are transmitted in the data transmission process, in order to ensure the safety of the data, the data are generally required to be analyzed, when the safety of the data to be transmitted is checked, the images contained in the data are extracted to obtain undetected images, the safety of the undetected images is unknown, and the data acquisition module 1 transmits image information to the graphic screening module 2; the image screening module 2 performs pixel analysis on the undetected image, performs binarization processing on the image, at the moment, the undetected image can be characterized by gray values, each pixel has a corresponding gray value, and classification of the pixel can be completed according to the gray value magnitude relation among the pixels, so that the pixel is divided into a plurality of types of pixels, a plurality of pixels form a plurality of pixel areas, whether the pixel area contains connection or text is judged according to the pixel areas, if the pixel area contains connection or text, the pixel area is divided into a first type of image, otherwise, the pixel area is divided into a second type of image, and for the second type of image, the content of the second type of image is only the image, the text information is not contained, and therefore dangerous links cannot be directly transmitted, and the dangerous links are directly transmitted or discarded; the model training module 3 realizes model training through a feature extraction algorithm, an MR proportion segmentation algorithm and an SL learning algorithm, and outputs a configured algorithm model to the content extraction module 4; the content extraction module 4 performs text recognition and two-dimensional code recognition on a first type of image, the first step performs text recognition, for the image, some links are directly reflected through the image, such as a risk link text is superimposed in a common character image, at this time, if a conventional risk recognition mode is adopted, the links in the image cannot be recognized, so that the risk links are transmitted, at this time, the content of each text is determined through text recognition, and for the image containing the two-dimensional code, the content contained in the image is extracted through a scanning mode, so as to obtain image content information; the security detection module 5 performs simulation execution operation according to the image content information, in order to ensure security, an isolation sandbox is constructed, and a program is run in the isolation sandbox or access links do not affect the security of the device, so that access to the web page is directly performed according to the image content information, different access pages are obtained, when the access is performed, the content displayed by the web page is recorded, the data accessed by the web page when the web page is opened is recorded, the determination is made based on the content displayed by the web page and the type of the access data, if the content displayed by the web page contains illegal content or access unrelated privacy data, the risk is determined to exist, otherwise, the risk is determined to not exist.
In the above embodiment: the image screening module 2 comprises:
a preprocessing unit 201 for preprocessing an undetected image, the preprocessing unit 201 converting an original image into a binary image by a filtering and edge detection method;
A pixel partition unit 202 for statistically classifying pixels in the binarized image; the pixel partitioning unit 202 performs pixel statistics and partitioning on the binarized image through an image processing and partitioning algorithm, and classifies the binarized image through gray values of pixels to obtain a plurality of pixel areas;
a recognition classification unit 203 for performing shape recognition classification on each pixel region; the recognition classification unit 203 performs shape recognition on each pixel region by a feature descriptor, contour analysis, shape matching, and hough transform method.
In the specific embodiment: the preprocessing unit 201 performs preprocessing on the undetected image, that is, the binarization processing is performed on the undetected image, the binarized image only includes black and white, each pixel has a corresponding gray value, and the range of the gray value is 0-255; the pixel partitioning unit 202 performs statistics on pixels in the binarized image, specifically, constructs a two-dimensional coordinate system, determines a coordinate for each pixel, determines a gray value of a pixel corresponding to each coordinate, and divides all pixels corresponding to the same gray value into a class, and forms a pixel region with pixels belonging to the same class; the recognition classification unit 203 performs shape recognition on each pixel area, determines whether text is included in the pixel area through shape recognition, and the two-dimensional code has a positioning area due to its structural characteristics, so that whether the two-dimensional code exists can be determined according to the shape recognition, if text or the two-dimensional code is included, the two-dimensional code is divided into a first type of image, and if the text or the two-dimensional code is not included, the two-dimensional code is a second type of image.
In the above embodiment: the content extraction module 4 includes:
A text recognition unit 401, configured to obtain a text recognition result; the text recognition unit 401 recognizes a text in the first type image by optical character recognition OCR;
A two-dimensional code extraction unit 402 for extracting a two-dimensional code image; the two-dimensional code extraction unit 402 performs binarization processing on the first type of image through an image processing method, and extracts a two-dimensional code image therein through a method based on feature point matching;
A content identifying unit 403 for acquiring image content information; the content recognition unit 403 performs information extraction on the extracted text and two-dimensional code image by a text recognition and two-dimensional code decoding method.
In the specific embodiment: the text recognition unit 301 performs text recognition on the first type of image, and performs text recognition on the first type of image by using a text recognition method to extract text content contained in the first type of image, so as to obtain a text recognition result; the two-dimensional code extraction unit 302 performs binarization processing on the first type of image, pixels with the same gray values form a pixel area, pixels with different gray values form a plurality of pixel areas, and two-dimensional code extraction is performed on the first type of image based on the pixel areas to obtain a two-dimensional code image; the content recognition unit 303 performs information extraction based on the text recognition result and the two-dimensional code image, directly obtains image content information for the text, and reads the content contained in the two-dimensional code by using the ground surface for the two-dimensional code image information.
In the above embodiment: the security detection module 5 comprises:
an information expansion unit 501 for performing content expansion on the image content information; the information expansion unit 501 creates an isolated sandbox by a container virtualization method and performs content expansion on image information by generating an countermeasure network;
An information access unit 502, configured to access links of the extended access information one by one; the information access unit 502 simulates an access process according to a predetermined sequence through a web crawler and acquires related information;
A risk determination unit 503 for determining whether a risk link exists; the rule engine based risk determination unit 503 monitors and analyzes the access interface in real time through a rule engine and a machine learning model.
In the specific embodiment: the information expansion unit 501 creates an isolated sandbox, which is a closed storage space opened independently in the device, wherein data in the isolated sandbox does not interact with external data, so that safety can be ensured, links contained in the image content information are possibly incomplete, so that all types of prefixes are filled, texts in the image content information are identified, information such as punctuation and the like is added, and original image text content is stored, so that a plurality of expanded access links are obtained; the information access unit 502 builds a virtual system in the isolation sandbox, simulates systems such as a mobile phone and a computer in the virtual system, sets corresponding privacy data, accesses the extended access links one by one according to the sequence, and captures and records each access interface; the risk judging unit 503 records the data content retrieved in the process of entering each access interface, identifies the access interface, records the data accessed by each access interface, if the data accessed by each access interface exceeds the authority range, the data is divided into risk links, and if the displayed access interface has risk, the data is also divided into risk links; when judging that the undetected image has risk, intercepting the undetected image; after the undetected image is intercepted, it is replaced with a preset image.
The specific implementation scheme of the industrial Internet information security analysis method for improving the computer algorithm model is as follows: step S1 is executed to acquire data to be transmitted, all the data are transmitted in the process of data transmission, the data are required to be analyzed usually, but for picture data, as the picture data cannot be used as an execution program or an execution link, the risk of the picture data cannot be determined, when the risk link is transmitted through a two-dimensional code picture or a text embodied on the picture, the picture cannot be intercepted in time, so that in order to ensure the safety of the data, when the data to be transmitted are subjected to safety inspection, an image contained in the picture is extracted to obtain an undetected image, the safety of the undetected image is unknown, then step S2 is executed to perform pixel analysis on the undetected image, the undetected image can be characterized by gray values at the moment, each pixel has a corresponding gray value, classification of the pixel can be completed according to the gray value magnitude relation between the pixels, so that the pixel is divided into a plurality of types of pixels, the pixels form a plurality of pixel areas, and whether the pixel areas contain the connection or not is judged according to the pixel areas, otherwise, if the pixel areas contain the connection or the text information is contained, the text information is not divided into a second type, and the image is directly transmitted, otherwise, the image is not divided into a first type, and the image is not directly transmitted; step S3 is executed, model training is achieved through a feature extraction algorithm, an MR proportion segmentation algorithm and an SL learning algorithm, and an algorithm model with configuration completed is output; then executing steps S4 and S5, carrying out text recognition and two-dimensional code recognition on the first type of image, carrying out text recognition in the first step, wherein for the image, some links are directly embodied through the image, such as overlapping risk link texts in a common person image, at the moment, if a conventional risk recognition mode is adopted, the links in the image cannot be recognized, so that the risk links are transmitted, at the moment, the content of each text is determined through text recognition, and for the image containing the two-dimensional code, the content contained in the image is extracted through a scanning mode, so as to obtain image content information; and finally, executing step S6, performing simulation execution operation according to the image content information, constructing an isolation sandbox, and running a program or accessing links in the isolation sandbox without affecting the safety of the equipment in order to ensure the safety, so that the webpage is directly accessed according to the image content information, different access pages are obtained, when the webpage is accessed, the content displayed by the webpage is recorded, the accessed data when the webpage is opened is recorded, the judgment is performed based on the content displayed by the webpage and the type of the accessed data, if the content displayed by the webpage contains illegal content or access irrelevant privacy data, the judgment is made that the risk exists, otherwise, the judgment is made that the risk does not exist.
It should be noted that the above-mentioned embodiments illustrate rather than limit the invention, and that those skilled in the art will be able to design alternative embodiments without departing from the scope of the appended claims. In the claims, any reference signs placed between parentheses shall not be construed as limiting the claim. The word "comprising" does not exclude the presence of elements or steps not listed in a claim. The word "a" or "an" preceding an element does not exclude the presence of a plurality of such elements. The invention may be implemented by means of hardware comprising several distinct elements, and by means of a suitably programmed computer. In the unit claims enumerating several means, several of these means may be embodied by one and the same item of hardware. The use of the words first, second, third, etc. do not denote any order. These words may be interpreted as names.
The principles and embodiments of the present application have been described herein with reference to specific examples, the description of which is intended only to facilitate an understanding of the method of the present application and its core ideas. It should be noted that it will be apparent to those skilled in the art that various modifications and adaptations of the application can be made without departing from the principles of the application and these modifications and adaptations are intended to be within the scope of the application as defined in the following claims.
Claims (9)
1. An industrial internet information security analysis method for improving a computer algorithm model, comprising:
S1, acquiring industrial Internet transmission information; the method is used for acquiring industrial Internet data packets to be analyzed from the industrial Internet through a network industrial Internet data packet capturing method;
S2, screening information content of the industrial Internet to obtain image information; the method is used for extracting and screening image information from the industrial Internet data packet through a protocol analysis and industrial Internet data packet analysis method, and removing redundant information through noise filtering and image enhancement;
s3, training an algorithm model according to the image information; the method is used for realizing training an analysis model according to image information through a feature extraction algorithm, an MR proportional division algorithm and an SL learning algorithm;
S4, separating image information and searching information to be detected; the method comprises the steps that image information is processed through an analysis model to obtain a first type image and a second type image, wherein the first type image contains readable data, and unreadable data is processed into the second type image;
S5, carrying out double identification on the information, and extracting content information; the method comprises the steps of performing text recognition and two-dimensional code recognition on a first type of image through a text recognition OCR and two-dimensional code recognition method, and extracting image content information;
s6, performing simulation execution, and judging safety performance; and the security corresponding to the undetected image is judged through risk assessment according to the result of the simulation execution operation.
2. The method for industrial internet information security analysis for improving computer algorithm model according to claim 1, wherein the step of S2 screening the industrial internet information content to obtain the image information comprises:
s201, preprocessing an undetected image by a self-adaptive threshold method, and converting the undetected image into a binary image;
S202, counting pixels in a binarized image through a pixel counting algorithm and a region segmentation algorithm, and classifying the pixels according to gray values of the pixels to obtain a plurality of pixel regions;
S203, carrying out shape recognition on each pixel region through a contour detection and edge detection algorithm, judging whether the pixel region contains a text or a two-dimensional code, and dividing the pixel region into a first type image and a second type image according to the shape recognition.
3. The method for analyzing the industrial internet information security by improving the computer algorithm model according to claim 1, wherein the step of training the algorithm model according to the image information is characterized in that model training is realized through a feature extraction algorithm, an MR ratio segmentation algorithm and an SL learning algorithm; performing feature extraction and identification on raw materials through a feature extraction algorithm to obtain feature parameters of image information, training an operation model corresponding to the feature parameters through the feature parameters and a SL learning algorithm, outputting the operation model to the S4, separating the image information, and searching information to be detected; the feature extraction algorithm realizes the feature recognition extraction of the raw materials through component analysis and feature recognition, and realizes the feature recognition extraction through a feature extraction formula, wherein the expression of the feature extraction formula is as follows:
In the above formula (1), n represents the number of extracted features, and is used for calculating the number of features to be extracted; θ represents a deviation threshold value, and represents a deviation angle of the feature coordinates; i represents a cycle characteristic parameter, and represents the current ith cycle; omega represents deviation weight and represents a specific deviation value of the feature to be identified in a coordinate system; x is sample data used for representing the characteristics to be extracted by input; y is an activation function parameter, which is a parameter representing the feature sought;
the SL learning algorithm realizes real-time and rapid feedback adjustment of the feedback adjustment model through online feedback data and training of each sample, and performs high-density screening and high-efficiency identification on industrial Internet data passing through the model; training process of the feedback adjustment model: firstly, setting the learning rate and regularization parameter value of a model; secondly, setting parallel learning numbers of the model; thirdly, continuously filling data into the data pool; fourthly, simultaneously, different parallel lines can acquire industrial Internet data from the data pool for training; finally, after the data is grabbed, merging models of different lines, and storing the models; the SL learning algorithm realizes online learning and training of a model through an online learning formula, and the online learning formula has the expression:
ωt=1,i=-(zt,i-sgn(zt,i)-λ1)/(λ2+σ1:t) (2)
In the formula (2), i is a characteristic parameter used for representing the input of the characteristic to be trained; t represents an iteration parameter, and represents that the current process is the ith iteration; lambda 1、λ2 is a characteristic value for increasing the position weight of the parameter in the algorithm; σ 1:t represents the degree of dispersion of the gradient parameter for calculating the degree of dispersion of the gradient parameter as an intermediate quantity; z t、zt,i is a custom intermediate variable, and the expression of z t、zt,i is:
in formulas (3) and (4), σ s represents the degree of dispersion of the parameters in the algorithm, and is used as an intermediate quantity to calculate the dispersion of the algorithm parameters; g 1:t is the accumulated gradient of the previous 1 to t rounds of the algorithm, and is used for calculating the iteration times of the algorithm; the MR instance segmentation algorithm further refines semantic detection through a segmentation refinement method to realize object separation at a pixel level, and the MR instance segmentation algorithm realizes screening of graphic information and map information through a graphic segmentation formula, wherein the expression of the graphic segmentation formula is as follows:
In the above formula (5), P is a calculated bilinear interpolation midpoint, which is used to represent the calculated split point coordinate, x is a midpoint abscissa value, which is used to reflect the abscissa of the P point, y is a midpoint ordinate value, which is used to reflect the ordinate of the P point, x 1 is an abscissa value of one endpoint, which is used to determine the abscissa of the endpoint 1 and the P point range, x 2 is an abscissa value of the other endpoint, which is used to determine the abscissa of the endpoint 2 and the P point range, y 1 is an ordinate value of the endpoint x 1, which is used to determine the ordinate of the endpoint 1 and the P point range, y 2 is an ordinate value of the endpoint x 2, which is used to determine the ordinate of the endpoint 2 and the P point range, phi is an included angle value of the calculated coordinate points, which is used to determine the coordinate angles of the endpoint 1, the endpoint 2 and the P point.
4. The method for industrial internet information security analysis for improving computer algorithm model according to claim 1, wherein the step of S4, double identifying information and extracting content information comprises:
S401, performing text recognition on the first type of image through an optical character recognition engine to obtain a text recognition result;
s402, performing binarization processing on the first type of images through a two-dimensional code detection module in a computer vision library, and extracting two-dimensional code images in the first type of images;
s403, information extraction is carried out based on the text recognition result and the two-dimensional code image, and image content information is obtained.
5. The method for industrial internet information security analysis for improving computer algorithm model according to claim 1, wherein the step of S6, performing simulation execution, determining security performance comprises:
s601, creating an isolation sandbox, and performing content expansion on image content information to obtain an expansion access link;
s602, constructing a virtual system in an isolation sandbox, and sequentially accessing the extended access links one by one to obtain an access interface;
S603, recording data content which is fetched in the process of entering each access interface, identifying the access interface, judging whether risk links exist through a network industrial Internet data packet analysis method, and judging that risks exist in corresponding undetected images if the risk links exist.
6. The method for industrial internet information security analysis for improving a computer algorithm model according to claim 1, wherein the operating environment of the information security analysis method is an industrial internet information security analysis system based on the computer algorithm model, and the security analysis system comprises:
A data acquisition module (1); the data acquisition module (1) acquires an industrial Internet data packet needing to be subjected to security analysis from the industrial Internet through a user protocol based on a network protocol and a data acquisition method;
an image screening module (2); the image screening module (2) screens and separates the image information and redundant information in the acquired industrial Internet data packet through an information screening and processing method;
A model training module (3); the model training module (3) realizes training an analysis model according to image information through a feature extraction algorithm, an MR proportion segmentation algorithm and an SL learning algorithm;
A content extraction module (4); the content extraction module (4) processes and extracts the image information through an analysis model to obtain a first class image and a second class image, wherein the first class image contains readable data, and the unreadable data is processed into the second class image; the content extraction module (4) extracts image content information by carrying out text recognition and two-dimensional code recognition on the first type of images;
A security detection module (5); the safety detection module (5) judges the safety of the corresponding undetected image according to the result of the simulation execution operation;
The system comprises a data acquisition module (1), an image screening module (2), a model training module (3) and a content extraction module (4), wherein the output end of the data acquisition module (1) is connected with the input end of the image screening module (2), the output end of the image screening module (2) is connected with the input ends of the model training module (3) and the content extraction module (4), the output end of the model training module (3) is connected with the input end of the content extraction module (4), the input end of the content extraction module (4) is connected with the input end of the safety detection module (5), and the data acquisition module (1) acquires information through a preset industrial Internet information reading protocol.
7. An industrial internet information security analysis method of improving a computer algorithm model according to claim 1, wherein the image screening module (2) comprises:
a preprocessing unit (201) for preprocessing an undetected image, the preprocessing unit (201) converting an original image into a binary image by a filtering and edge detection method;
A pixel partitioning unit (202) for statistically classifying pixels in the binarized image; the pixel partitioning unit (202) performs pixel statistics and partitioning on the binary image through an image processing and partitioning algorithm, and classifies the binary image through gray values of pixels to obtain a plurality of pixel areas;
A recognition classification unit (203) for performing shape recognition classification on each pixel region; the recognition classification unit (203) performs shape recognition on each pixel region through feature descriptors, contour analysis, shape matching and Hough transformation methods.
8. An industrial internet information security analysis method of improving a computer algorithm model according to claim 1, wherein the content extraction module (4) comprises:
a text recognition unit (401) for acquiring a text recognition result; the text recognition unit (401) recognizes texts in the first type of images through optical character recognition OCR;
A two-dimensional code extraction unit (402) for extracting a two-dimensional code image; the two-dimensional code extraction unit (402) carries out binarization processing on the first type of images through an image processing method, and extracts two-dimensional code images in the images through a method based on feature point matching;
a content identification unit (403) for acquiring image content information; the content recognition unit (403) performs information extraction on the extracted text and two-dimensional code image by a text recognition and two-dimensional code decoding method.
9. An industrial internet information security analysis method improving a computer algorithm model according to claim 1, characterized in that the security detection module (5) comprises:
An information expansion unit (501) for content-expanding the image content information; the information expansion unit (501) creates an isolation sandbox through a container virtualization method and expands the content of the image information through generating an countermeasure network;
An information access unit (502) for accessing the links of the extended access information one by one; the information access unit (502) simulates an access process according to a preset sequence through a web crawler and acquires related information;
a risk determination unit (503) for determining whether a risk link exists; the rule engine based risk determination unit (503) monitors and analyzes the access interface in real time through a rule engine and a machine learning model.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202410606399.1A CN118368131A (en) | 2024-05-16 | 2024-05-16 | Industrial Internet information security analysis method for improving computer algorithm model |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202410606399.1A CN118368131A (en) | 2024-05-16 | 2024-05-16 | Industrial Internet information security analysis method for improving computer algorithm model |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN118368131A true CN118368131A (en) | 2024-07-19 |
Family
ID=91878177
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202410606399.1A Pending CN118368131A (en) | 2024-05-16 | 2024-05-16 | Industrial Internet information security analysis method for improving computer algorithm model |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN118368131A (en) |
-
2024
- 2024-05-16 CN CN202410606399.1A patent/CN118368131A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110233849B (en) | Method and system for analyzing network security situation | |
| CN107908963B (en) | Method for automatically detecting core characteristics of malicious codes | |
| CN112738015B (en) | Multi-step attack detection method based on interpretable convolutional neural network CNN and graph detection | |
| Zhao et al. | A review of computer vision methods in network security | |
| US10872270B2 (en) | Exploit kit detection system based on the neural network using image | |
| CN112866023B (en) | Network detection method, model training method, device, equipment and storage medium | |
| CN109922065B (en) | Quick identification method for malicious website | |
| CN106961419A (en) | WebShell detection methods, apparatus and system | |
| CN105072089A (en) | WEB malicious scanning behavior abnormity detection method and system | |
| CN109309675A (en) | A kind of network inbreak detection method based on convolutional neural networks | |
| CN104156490A (en) | Method and device for detecting suspicious fishing webpage based on character recognition | |
| CN115964710A (en) | Malicious code detection method and system based on internal memory forensics and deep learning | |
| CN117176433A (en) | Abnormal behavior detection system and method for network data | |
| CN116707859A (en) | Feature rule extraction method and device, and network intrusion detection method and device | |
| Anand et al. | Mitigating Cyber-Security Risks using Cyber-Analytics | |
| CN114282258A (en) | Screen capture data desensitization method and device, computer equipment and storage medium | |
| CN113688346A (en) | Illegal website identification method, device, equipment and storage medium | |
| CN117914555A (en) | Training and flow detection method and device for intelligent gateway | |
| CN114169432B (en) | Cross-site scripting attack recognition method based on deep learning | |
| CN115134159B (en) | Safety alarm analysis optimization method | |
| CN118368131A (en) | Industrial Internet information security analysis method for improving computer algorithm model | |
| CN113225343B (en) | Risk website identification method and system based on identity characteristic information | |
| CN115643044A (en) | Data processing method, device, server and storage medium | |
| KR102465307B1 (en) | Method for generating of whitelist and user device for perfoming the same, computer-readable storage medium and computer program | |
| Zhang et al. | A novel visualization Malware detection method based on Spp-Net |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication |