CN211089674U - Computer network safety early warning device - Google Patents
Computer network safety early warning device Download PDFInfo
- Publication number
- CN211089674U CN211089674U CN201922176168.9U CN201922176168U CN211089674U CN 211089674 U CN211089674 U CN 211089674U CN 201922176168 U CN201922176168 U CN 201922176168U CN 211089674 U CN211089674 U CN 211089674U
- Authority
- CN
- China
- Prior art keywords
- module
- database
- data
- network
- early warning
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
Abstract
The utility model relates to the technical field of computer network safety, in particular to a computer network safety early warning device, which comprises a central processing unit, a network port, a network early warning module, an access authority control module, a data transmission monitoring module, an automatic detection module, a deletion module and a database; the central processing unit is respectively connected with a network port, a network early warning module, an access authority control module, a data transmission monitoring module, a deleting module and a database; a network firewall is arranged between the network port and the central processing unit; the deleting module is connected with the database. By connecting the deletion module with the database, when the automatic detection module or the network early warning module detects that the Trojan virus illegally downloads the data in the database, the deletion module deletes all the data in the database, so that the Trojan is deleted together, and information in the database is prevented from being stolen maliciously.
Description
Technical Field
The utility model relates to a computer network safety technical field specifically is a computer network safety early warning device.
Background
Computer networks are collections of computer systems that connect multiple computers together by communication lines for the purpose of transmitting information, and a computer network is composed of transmission media and communication devices. Network security is an important national strategy in China, and with the implementation of network security laws, colleges and universities must strengthen network security guarantee work.
With the rapid development of computer technology, information networks have become an important guarantee for social development. At present, in campus networks used in colleges and universities, many intellectual property research materials are sensitive information, even highly confidential intellectual property research materials, and once they are stolen and published by Trojan horse virus, the research materials are very loss to teachers who do the subject, and most of the research materials are likely to be invalidated. The campus network is used as a main carrier for generating files in colleges and universities, and a large number of papers and confidential files are published in the campus network, wherein the papers and the confidential files comprise intellectual property right research data with high confidentiality, so that the files are inevitably attracted to various artificial hacker attacks from all over the world.
SUMMERY OF THE UTILITY MODEL
An object of the utility model is to provide a computer network safety precaution device to solve the problem that proposes among the above-mentioned background art.
In order to achieve the above object, the utility model provides a following technical scheme:
The utility model relates to a computer network safety early warning device, which comprises a central processing unit, a network port, a network early warning module, an access authority control module, a data transmission monitoring module, an automatic detection module, a deletion module and a database; the central processing unit is respectively connected with a network port, a network early warning module, an access authority control module, a data transmission monitoring module, a deleting module and a database; a network firewall is arranged between the network port and the central processing unit; the deleting module is connected with the database and is used for deleting the data in the database, and the database is connected with a data backup database; the data backup library is used for completely backing up data in the database, the data in the data backup library is copied into the database again after the deleting module deletes the information in the database, the data backup library is connected with the database only after the deleting module deletes the information in the database, and the data backup library is in a state of being disconnected and inaccessible during normal use.
Preferably, the content of the network early warning module includes a data packet detection module, a data splitting module and a data scanning module, and the data split by the data splitting module includes first-level early warning information, second-level early warning information and third-level early warning information.
Preferably, the data transmission monitoring module comprises an upload monitoring unit, a download monitoring unit and a flow monitoring unit.
Preferably, the network ports include an administrator login port, a user login port and a visitor login port.
Preferably, the content of the database comprises a no-access-right area, a primary access-right area, a secondary access-right area and a tertiary access-right area.
Preferably, the data backup library is composed of a plurality of memories, the number of the memories is at least two, all data in the database are stored in a single memory, and the memories are backed up with each other.
Preferably, the automatic detection module includes a NESS detection module, a Strobe detection module, a SATAN detection module and an ISS detection module, and the detection content of the automatic detection module includes configuration file detection, protection mechanism detection and difference test.
Compared with the prior art, the beneficial effects of the utility model are that: the utility model relates to a computer network safety early warning device,
1. Through the cooperation of the automatic detection module, the network firewall, the network early warning module and the data transmission monitoring module, the computer network safety is effectively monitored from multiple layers, and the possibility of hacker attack is effectively reduced;
2. By dividing the content in the database into an access right-free area, a primary access right area, a secondary access right area and a tertiary access right area, people with different access rights can only see the content in the access rights, so that the confidential information of schools can be effectively protected from being leaked;
3. By connecting the deletion module with the database, when the automatic detection module or the network early warning module detects that the Trojan virus illegally downloads the data in the database, the deletion module deletes all the data in the database, so that the Trojan is deleted together, and the information in the database is prevented from being maliciously stolen;
4. The risk file is split into first-level early warning information, second-level early warning information and third-level early warning information through the data splitting unit according to a grade protection system of a college network, and the first-level early warning information, the second-level early warning information and the third-level early warning information are sent to managers of corresponding grades to be processed, and safety early warning of permission division and grading directivity is achieved.
Drawings
Fig. 1 is a system framework of the computer network security early warning device of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be described clearly and completely with reference to the accompanying drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only some embodiments of the present invention, not all embodiments. Based on the embodiments in the present invention, all other embodiments obtained by a person skilled in the art without creative work all belong to the protection scope of the present invention.
Referring to fig. 1, the present invention provides a technical solution:
The utility model relates to a computer network safety early warning device, which comprises a central processing unit, a network port, a network early warning module, an access authority control module, a data transmission monitoring module, an automatic detection module, a deletion module and a database; the central processing unit is respectively connected with a network port, a network early warning module, an access authority control module, a data transmission monitoring module, a deleting module and a database; a network firewall is arranged between the network port and the central processing unit, and the network port is used for reading the state of the computer, reading the storage content of a computer hard disk, reading the IP address, the user name, the password and the network access authority of the computer; the access authority control module is used for modifying the network access authority; the deleting module is connected with the database and is used for deleting the data in the database, and the database is connected with a data backup database; the data backup library is used for completely backing up data in the database, the data in the data backup library is copied into the database again after the deleting module deletes the information in the database, the data backup library is connected with the database only after the deleting module deletes the information in the database, and the data backup library is in a state of being disconnected and inaccessible during normal use.
As an embodiment of the utility model, the content of network early warning module includes data package detecting element, data split unit and data scanning unit, the data of data split unit split includes one-level early warning information, second grade early warning information and tertiary early warning information, and data package detecting element is arranged in detecting the trojan virus in the data package, and data scanning unit is used for scanning data, detects out the risk file, according to the grade protection system of college network with the risk file through data split unit, and the split becomes one-level early warning information, second grade early warning information and tertiary early warning information to give the managers of corresponding grade to handle.
As an embodiment of the utility model, data transmission monitoring module is including uploading the monitor cell, downloading monitor cell and flow monitoring unit, uploads monitor cell, download monitor cell and flow monitoring unit and is used for monitoring and the record to the file that the user uploaded, the data of download and the data flow who uses respectively.
As an embodiment of the utility model, the network port includes administrator's login port, user login port and visitor login port, and administrator's login port is used for administrator's login, can operate access control module after the administrator logs on, grants corresponding authority to the user that logs on from user login port, and visitor login port is used for general masses' login outside the school.
As an implementation mode of the utility model, the content of the database comprises a no access right area, a first-level access right area, a second-level access right area and a third-level access right area, the content in the database is divided into the no access right area, the first-level access right area, the second-level access right area and the third-level access right area, and people with different access rights can only see the content in the access right, so that the confidential data of schools can be effectively protected from being leaked; the non-access-right area is not provided with a right and is used for storing the information disclosed to the society, and a person who logs in from the visitor login port can only access the non-access-right area; the first-level access right area, the second-level access right area and the third-level access right area can be accessed only after login is performed through a user login port and corresponding right grant of an administrator is obtained.
As an embodiment of the present invention, the data backup library is composed of a plurality of memories, the number of the memories is two at least, all the data in the database are stored in the single memory, and the memories are backup to each other, thereby avoiding the problem of data loss caused by the damage of one memory.
The working principle is as follows: when the device is used, the automatic detection module, the network firewall, the network early warning module and the data transmission monitoring module are matched, so that the computer network safety is effectively monitored from multiple layers, and the possibility of hacker attack is effectively reduced; by dividing the content in the database into an access right-free area, a primary access right area, a secondary access right area and a tertiary access right area, people with different access rights can only see the content in the access rights, so that the confidential information of schools can be effectively protected from being leaked; by connecting the deletion module with the database, when the automatic detection module or the network early warning module detects that the Trojan virus illegally downloads the data in the database, the deletion module deletes all the data in the database, so that the Trojan is deleted together, and the information in the database is prevented from being maliciously stolen; at the moment, the data backup library is connected with the database, data in the data backup library is copied into the database again, the data backup library is connected with the database only after the information in the database is deleted by the deletion module, the data backup library is in a state of being disconnected from a network and being inaccessible during normal use, so that the data backup library is prevented from being invaded by the network, the risk file is split into primary early warning information, secondary early warning information and tertiary early warning information by the data splitting unit according to the level protection system of a college network, and the primary early warning information, the secondary early warning information and the tertiary early warning information are sent to managers of corresponding levels for processing, so that the safety early warning with different authorities and different levels of directivity is realized.
Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that changes, modifications, substitutions and alterations can be made in these embodiments without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.
Claims (5)
1. A computer network safety precaution device which characterized in that: the system comprises a central processing unit, a network port, a network early warning module, an access authority control module, a data transmission monitoring module, an automatic detection module, a deletion module and a database; the central processing unit is respectively connected with a network port, a network early warning module, an access authority control module, a data transmission monitoring module, a deleting module and a database; a network firewall is arranged between the network port and the central processing unit; the deleting module is connected with the database and is used for deleting the data in the database, and the database is connected with a data backup database; the data backup library is used for completely backing up data in the database, the data in the data backup library is copied into the database again after the deleting module deletes the information in the database, the data backup library is connected with the database only after the deleting module deletes the information in the database, and the data backup library is in a state of being disconnected and inaccessible during normal use.
2. The computer network security pre-warning device of claim 1, wherein: the content of the network early warning module comprises a data packet detection module, a data splitting module and a data scanning module, and the data split by the data splitting module comprises primary early warning information, secondary early warning information and tertiary early warning information.
3. The computer network security pre-warning device of claim 1, wherein: the data transmission monitoring module comprises an uploading monitoring unit, a downloading monitoring unit and a flow monitoring unit.
4. The computer network security pre-warning device of claim 1, wherein: the network ports comprise an administrator login port, a user login port and a visitor login port.
5. The computer network security pre-warning device of claim 1, wherein: the automatic detection module comprises an NESS detection module, a Strobe detection module, an SATAN detection module and an ISS detection module, and the detection content of the automatic detection module comprises configuration file detection, protection mechanism detection and difference test.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201922176168.9U CN211089674U (en) | 2019-12-06 | 2019-12-06 | Computer network safety early warning device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201922176168.9U CN211089674U (en) | 2019-12-06 | 2019-12-06 | Computer network safety early warning device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN211089674U true CN211089674U (en) | 2020-07-24 |
Family
ID=71623944
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201922176168.9U Active CN211089674U (en) | 2019-12-06 | 2019-12-06 | Computer network safety early warning device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN211089674U (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110868428A (en) * | 2019-12-06 | 2020-03-06 | 吉林建筑大学 | Computer network safety early warning device |
-
2019
- 2019-12-06 CN CN201922176168.9U patent/CN211089674U/en active Active
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110868428A (en) * | 2019-12-06 | 2020-03-06 | 吉林建筑大学 | Computer network safety early warning device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9348984B2 (en) | Method and system for protecting confidential information | |
| US8392682B2 (en) | Storage security using cryptographic splitting | |
| CA2553648C (en) | Adaptive transparent encryption | |
| CN113660224B (en) | Situation awareness defense method, device and system based on network vulnerability scanning | |
| US20170324777A1 (en) | Injecting supplemental data into data queries at network end-points | |
| US20100153703A1 (en) | Storage security using cryptographic splitting | |
| US20140164790A1 (en) | Storage security using cryptographic splitting | |
| US7487219B1 (en) | Virtual storage device from multiple online accounts | |
| US10097560B1 (en) | Systems and methods for automatically adjusting user access permissions based on beacon proximity | |
| CN111464502A (en) | Network security protection method and system based on big data platform | |
| KR20210050959A (en) | Blockchain based file management system and method thereof | |
| CN111404948A (en) | Security system and method based on computer network monitoring | |
| CN111914300A (en) | Document encryption device and method for preventing file leakage | |
| AU2018236853A1 (en) | Storage security using cryptographic splitting | |
| CN106295386A (en) | The guard method of data file, device and terminal unit | |
| CN211089674U (en) | Computer network safety early warning device | |
| CN110543775B (en) | Data security protection method and system based on super-fusion concept | |
| Hunter | An information security handbook | |
| EP4006758A1 (en) | Data storage apparatus with variable computer file system | |
| WO2005031499A2 (en) | Host intrusion detection and isolation | |
| Chandramouli et al. | Security guidelines for storage infrastructure | |
| CN101408919A (en) | Method and system for monitoring computer espionage behavior | |
| CN109145536A (en) | A kind of webpage integrity assurance and device | |
| CN110868428A (en) | Computer network safety early warning device | |
| CN103942502B (en) | Ferry-boat formula secure data exchange method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| GR01 | Patent grant | ||
| GR01 | Patent grant |